Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1078:8: [5] (buffer)
strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  (void)strncat (newpixname, pixname, SZ_IM2PIXFILE);
data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:23:10: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  while(gets(instr))
data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:43:10: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  while(gets(instr))
data/montage-6.0+dfsg/lib/src/svc/test/test1.c:20:10: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  while(gets(cmdstr))
data/montage-6.0+dfsg/lib/src/svc/test/test3.c:27:10: [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
  while(gets(cmdstr))
data/montage-6.0+dfsg/lib/src/www/www.c:142:7: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(debugFile, 0666);
data/montage-6.0+dfsg/lib/src/www/www.c:1508:4: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(entries[nentry].fname, 0666);
data/montage-6.0+dfsg/util/Exec/mExec.c:613:7: [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.
  chmod(workspace[0], 0755);
data/montage-6.0+dfsg/Montage/checkHdr.c:241:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpstr, fitsvalue+1);
data/montage-6.0+dfsg/Montage/checkHdr.c:247:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpstr, fitsvalue);
data/montage-6.0+dfsg/Montage/checkHdr.c:251:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(line, "%-8s= %20s", fitskeyword, fitsvalue);
data/montage-6.0+dfsg/Montage/checkHdr.c:309:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pline, line);
data/montage-6.0+dfsg/Montage/checkHdr.c:590:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ctype1, value);
data/montage-6.0+dfsg/Montage/checkHdr.c:596:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ctype2, value);
data/montage-6.0+dfsg/Montage/filePath.c:49:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(base, path);
data/montage-6.0+dfsg/Montage/filePath.c:59:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(base, ptr);
data/montage-6.0+dfsg/Montage/get_files.c:44:7: [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
  char *mktemp(char *template);
data/montage-6.0+dfsg/Montage/get_files.c:80:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (dirname, "%s/%s", pathname, entry->d_name);
data/montage-6.0+dfsg/Montage/get_files.c:83:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (hdr_rec.fname, dirname+2);
data/montage-6.0+dfsg/Montage/get_files.c:85:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (hdr_rec.fname, dirname+hdrlen);
data/montage-6.0+dfsg/Montage/get_files.c:150:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpname, (char *)mktemp(template));
data/montage-6.0+dfsg/Montage/get_files.c:150:29: [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
  strcpy(tmpname, (char *)mktemp(template));
data/montage-6.0+dfsg/Montage/get_files.c:152:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "gunzip -c %s > %s", dirname, tmpname);
data/montage-6.0+dfsg/Montage/get_files.c:153:5: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(cmd);
data/montage-6.0+dfsg/Montage/get_hdr.c:100:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (msg, "Cannot open FITS file %s", fname);
data/montage-6.0+dfsg/Montage/get_hdr.c:338:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fields[i].defval, ptr);
data/montage-6.0+dfsg/Montage/get_hdr.c:472:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hdr_rec->ctype1, wcs->ctype[0]);
data/montage-6.0+dfsg/Montage/get_hdr.c:473:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hdr_rec->ctype2, wcs->ctype[1]);
data/montage-6.0+dfsg/Montage/get_hdr.c:620:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fields[i].value, fields[i].defval);
data/montage-6.0+dfsg/Montage/get_hdr.c:632:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fields[i].value, ptr);
data/montage-6.0+dfsg/Montage/get_hdr.c:635:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fields[i].value, fields[i].defval);
data/montage-6.0+dfsg/Montage/get_hfiles.c:70:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (dirname, "%s/%s", pathname, entry->d_name);
data/montage-6.0+dfsg/Montage/get_hfiles.c:73:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (hdr_rec.fname, dirname+2);
data/montage-6.0+dfsg/Montage/get_hfiles.c:75:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (hdr_rec.fname, dirname+hdrlen);
data/montage-6.0+dfsg/Montage/get_hhdr.c:61:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (msg, "Cannot open header file %s", fname);
data/montage-6.0+dfsg/Montage/get_hhdr.c:95:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(header, str);
data/montage-6.0+dfsg/Montage/get_hhdr.c:151:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hdr_rec->ctype1, wcs->ctype[0]);
data/montage-6.0+dfsg/Montage/get_hhdr.c:152:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hdr_rec->ctype2, wcs->ctype[1]);
data/montage-6.0+dfsg/Montage/mAdd.c:443:12: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(argument, optarg);
data/montage-6.0+dfsg/Montage/mAdd.c:473:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path, optarg);
data/montage-6.0+dfsg/Montage/mAdd.c:530:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblfile, argv[optind]);
data/montage-6.0+dfsg/Montage/mAdd.c:531:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template_file, argv[optind + 1]);
data/montage-6.0+dfsg/Montage/mAdd.c:532:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, argv[optind + 2]);
data/montage-6.0+dfsg/Montage/mAdd.c:565:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_area_file, output_file);
data/montage-6.0+dfsg/Montage/mAdd.c:717:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(inctype1[nfile], tval(ictype1));
data/montage-6.0+dfsg/Montage/mAdd.c:718:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(inctype2[nfile], tval(ictype2));
data/montage-6.0+dfsg/Montage/mAdd.c:787:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filename, filePath(path, tval(ifname)));
data/montage-6.0+dfsg/Montage/mAdd.c:799:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile[nfile], filename);
data/montage-6.0+dfsg/Montage/mAdd.c:804:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(inarea[nfile], filename);
data/montage-6.0+dfsg/Montage/mAdd.c:885:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "CRVAL1 CAR pixel offset (%-g) not integer for image %s", valOffset, infile[ifile]);
data/montage-6.0+dfsg/Montage/mAdd.c:896:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "CRVAL2 CAR pixel offset (%.2f) not integer for image %s", valOffset, infile[ifile]);
data/montage-6.0+dfsg/Montage/mAdd.c:1570:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image file %s missing or invalid FITS", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAdd.c:1602:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Area file %s missing or invalid FITS", inarea[ifile]);
data/montage-6.0+dfsg/Montage/mAdd.c:1632:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header CTYPE1 does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAdd.c:1638:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header CTYPE2 does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAdd.c:1646:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header CRVAL1 does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAdd.c:1652:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header CRVAL2 does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAdd.c:1662:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header CD/CDELT does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAdd.c:1668:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header EQUINOX does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAdd.c:2136:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ctype, value);
data/montage-6.0+dfsg/Montage/mAddCube.c:309:12: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(argument, optarg);
data/montage-6.0+dfsg/Montage/mAddCube.c:339:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path, optarg);
data/montage-6.0+dfsg/Montage/mAddCube.c:396:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblfile, argv[optind]);
data/montage-6.0+dfsg/Montage/mAddCube.c:397:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template_file, argv[optind + 1]);
data/montage-6.0+dfsg/Montage/mAddCube.c:398:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, argv[optind + 2]);
data/montage-6.0+dfsg/Montage/mAddCube.c:431:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_area_file, output_file);
data/montage-6.0+dfsg/Montage/mAddCube.c:669:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filename, filePath(path, tval(ifname)));
data/montage-6.0+dfsg/Montage/mAddCube.c:681:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile[nfile], filename);
data/montage-6.0+dfsg/Montage/mAddCube.c:686:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(inarea[nfile], filename);
data/montage-6.0+dfsg/Montage/mAddCube.c:1407:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image file %s missing or invalid FITS", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAddCube.c:1438:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Area file %s missing or invalid FITS", inarea[ifile]);
data/montage-6.0+dfsg/Montage/mAddCube.c:1468:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header CTYPE1 does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAddCube.c:1474:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header CTYPE2 does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAddCube.c:1480:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header CRVAL1 does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAddCube.c:1486:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header CRVAL2 does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAddCube.c:1495:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header CD/CDELT does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAddCube.c:1501:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image %s header EQUINOX does not match template", infile[ifile]);
data/montage-6.0+dfsg/Montage/mAddCube.c:1951:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ctype, value);
data/montage-6.0+dfsg/Montage/mAddExec.c:285:12: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(argument, optarg);
data/montage-6.0+dfsg/Montage/mAddExec.c:317:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path, optarg);
data/montage-6.0+dfsg/Montage/mAddExec.c:354:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(status_file, optarg);
data/montage-6.0+dfsg/Montage/mAddExec.c:399:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblfile, argv[optind]);
data/montage-6.0+dfsg/Montage/mAddExec.c:400:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template_file, argv[optind + 1]);
data/montage-6.0+dfsg/Montage/mAddExec.c:401:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_dir, argv[optind + 2]);
data/montage-6.0+dfsg/Montage/mAddExec.c:402:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, argv[optind + 3]);
data/montage-6.0+dfsg/Montage/mAddExec.c:442:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template_ext,(char *) &template_file[i]);
data/montage-6.0+dfsg/Montage/mAddExec.c:443:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template_body,template_file);
data/montage-6.0+dfsg/Montage/mAddExec.c:491:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mTileHdr %s %s/%s_%d_%d%s %d %d %d %d %d %d",
data/montage-6.0+dfsg/Montage/mAddExec.c:506:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/Montage/mAddExec.c:514:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/Montage/mAddExec.c:542:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mSubset -f %s %s/%s_%d_%d%s %s/%s_%d_%d.tbl",
data/montage-6.0+dfsg/Montage/mAddExec.c:556:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/Montage/mAddExec.c:564:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/Montage/mAddExec.c:839:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd,path);
data/montage-6.0+dfsg/Montage/mAddExec.c:857:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd,status_file);
data/montage-6.0+dfsg/Montage/mAddExec.c:861:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fname, "%s/%s_%d_%d.tbl",
data/montage-6.0+dfsg/Montage/mAddExec.c:864:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, fname);
data/montage-6.0+dfsg/Montage/mAddExec.c:868:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fname, "%s/%s_%d_%d%s",
data/montage-6.0+dfsg/Montage/mAddExec.c:871:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd, fname);
data/montage-6.0+dfsg/Montage/mAddExec.c:875:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd,output_dir);
data/montage-6.0+dfsg/Montage/mAddExec.c:877:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd,output_file);
data/montage-6.0+dfsg/Montage/mAddExec.c:885:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmd,fname);
data/montage-6.0+dfsg/Montage/mAddExec.c:895:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/Montage/mAddExec.c:899:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/Montage/mBackground.c:227:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input_file, argv[1]);
data/montage-6.0+dfsg/Montage/mBackground.c:235:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, argv[2]);
data/montage-6.0+dfsg/Montage/mBackground.c:291:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblfile, argv[3]);
data/montage-6.0+dfsg/Montage/mBackground.c:292:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(corrfile, argv[4]);
data/montage-6.0+dfsg/Montage/mBackground.c:336:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file, tval(ifname));
data/montage-6.0+dfsg/Montage/mBackground.c:395:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(line, input_file);
data/montage-6.0+dfsg/Montage/mBackground.c:399:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile, line);
data/montage-6.0+dfsg/Montage/mBackground.c:401:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(inarea, line);
data/montage-6.0+dfsg/Montage/mBackground.c:406:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile, input_file);
data/montage-6.0+dfsg/Montage/mBackground.c:408:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(inarea, input_file);
data/montage-6.0+dfsg/Montage/mBackground.c:416:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_area_file, output_file);
data/montage-6.0+dfsg/Montage/mBackground.c:839:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Area file %s missing or invalid FITS", areafile);
data/montage-6.0+dfsg/Montage/mBackground.c:846:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image file %s missing or invalid FITS", fluxfile);
data/montage-6.0+dfsg/Montage/mBgExec.c:79:7: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377).
  char *mktemp(char *template);
data/montage-6.0+dfsg/Montage/mBgExec.c:153:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path, optarg);
data/montage-6.0+dfsg/Montage/mBgExec.c:204:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblfile, argv[optind]);
data/montage-6.0+dfsg/Montage/mBgExec.c:205:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fitfile, argv[optind + 1]);
data/montage-6.0+dfsg/Montage/mBgExec.c:206:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(corrdir, argv[optind + 2]);
data/montage-6.0+dfsg/Montage/mBgExec.c:254:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(template, "%s/IMGTBLXXXXXX", corrdir);
data/montage-6.0+dfsg/Montage/mBgExec.c:255:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(imgsort, (char *)mktemp(template));
data/montage-6.0+dfsg/Montage/mBgExec.c:255:28: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377).
  strcpy(imgsort, (char *)mktemp(template));
data/montage-6.0+dfsg/Montage/mBgExec.c:257:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mTblSort %s cntr %s", tblfile, imgsort);
data/montage-6.0+dfsg/Montage/mBgExec.c:267:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(status, svc_value("stat"));
data/montage-6.0+dfsg/Montage/mBgExec.c:272:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/Montage/mBgExec.c:293:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(template, "%s/CORTBLXXXXXX", corrdir);
data/montage-6.0+dfsg/Montage/mBgExec.c:294:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(corrsort, (char *)mktemp(template));
data/montage-6.0+dfsg/Montage/mBgExec.c:294:29: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377).
  strcpy(corrsort, (char *)mktemp(template));
data/montage-6.0+dfsg/Montage/mBgExec.c:296:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mTblSort %s id %s", fitfile, corrsort);
data/montage-6.0+dfsg/Montage/mBgExec.c:306:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(status, svc_value("stat"));
data/montage-6.0+dfsg/Montage/mBgExec.c:311:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/Montage/mBgExec.c:503:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mBackground -n %s %s/%s %s %s %s",
data/montage-6.0+dfsg/Montage/mBgExec.c:506:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mBackground %s %s/%s %s %s %s",
data/montage-6.0+dfsg/Montage/mBgExec.c:517:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/Montage/mBgExec.c:521:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/Montage/mBgExec.c:551:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mBackground -n %s %s/%s 0. 0. 0.",
data/montage-6.0+dfsg/Montage/mBgExec.c:554:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mBackground %s %s/%s 0. 0. 0.",
data/montage-6.0+dfsg/Montage/mBgExec.c:620:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file, tval(ifname));
data/montage-6.0+dfsg/Montage/mBgExec.c:645:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(a, tval(ia));
data/montage-6.0+dfsg/Montage/mBgExec.c:646:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(b, tval(ib));
data/montage-6.0+dfsg/Montage/mBgExec.c:647:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(c, tval(ic));
data/montage-6.0+dfsg/Montage/mBgModel.c:370:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(imgfile, argv[optind]);
data/montage-6.0+dfsg/Montage/mBgModel.c:371:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fitfile, argv[optind + 1]);
data/montage-6.0+dfsg/Montage/mBgModel.c:372:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(corrtbl, argv[optind + 2]);
data/montage-6.0+dfsg/Montage/mConvert.c:296:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input_file, argv[1]);
data/montage-6.0+dfsg/Montage/mConvert.c:304:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, argv[2]);
data/montage-6.0+dfsg/Montage/mConvert.c:612:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image file %s missing or invalid FITS", fluxfile);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:286:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path, argv[i+1]);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:318:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile, argv[1]);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:319:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outfile, argv[2]);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:320:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(mode, argv[3]);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:569:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE1 = '%s'", "RA---TAN" ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:570:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE2 = '%s'", "DEC--TAN" ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1040:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(field[ii], tbl_rec[ii].name);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1112:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ctype1, tval(ictype1));
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1113:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(ctype2, tval(ictype2)); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1152:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (proj, ctype1+4); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1217:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", ctype1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1218:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", ctype2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1618:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype1, tval(ictype1)); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1619:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype2, tval(ictype2)); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1657:15: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (proj, ctype1+4); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1734:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", ctype1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1735:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(temp, "CTYPE2 = '%s'", ctype2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1760:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1764:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fullname, path); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1769:19: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fullname, fname); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1771:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, fullname); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1813:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype1, wcsimg->ctype[0]); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1814:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype2, wcsimg->ctype[1]); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2183:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(tmpstr, "%s", out.clon); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2187:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, "%s", out.clat); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2231:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpstr, tval(ifield[ii])); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2233:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value[ii], tmpstr); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2240:18: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, value[ii]); data/montage-6.0+dfsg/Montage/mDiff.c:210:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file1, argv[optind]); data/montage-6.0+dfsg/Montage/mDiff.c:211:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file2, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mDiff.c:212:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 2]); data/montage-6.0+dfsg/Montage/mDiff.c:213:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind + 3]); data/montage-6.0+dfsg/Montage/mDiff.c:221:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_area_file, output_file); data/montage-6.0+dfsg/Montage/mDiff.c:243:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, input_file1); data/montage-6.0+dfsg/Montage/mDiff.c:247:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile[0], line); data/montage-6.0+dfsg/Montage/mDiff.c:249:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inarea[0], line); data/montage-6.0+dfsg/Montage/mDiff.c:254:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile[0], input_file1); data/montage-6.0+dfsg/Montage/mDiff.c:256:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inarea[0], input_file1); data/montage-6.0+dfsg/Montage/mDiff.c:264:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(line, input_file2); data/montage-6.0+dfsg/Montage/mDiff.c:268:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile[1], line); data/montage-6.0+dfsg/Montage/mDiff.c:270:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inarea[1], line); data/montage-6.0+dfsg/Montage/mDiff.c:275:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile[1], input_file2); data/montage-6.0+dfsg/Montage/mDiff.c:277:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inarea[1], input_file2); data/montage-6.0+dfsg/Montage/mDiff.c:1206:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Area file %s missing or invalid FITS", areafile); data/montage-6.0+dfsg/Montage/mDiff.c:1213:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", fluxfile); data/montage-6.0+dfsg/Montage/mDiffExec.c:127:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/Montage/mDiffExec.c:184:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/Montage/mDiffExec.c:185:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mDiffExec.c:186:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(diffdir, argv[optind + 2]); data/montage-6.0+dfsg/Montage/mDiffExec.c:295:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname1, filePath(path, tval(ifname1))); data/montage-6.0+dfsg/Montage/mDiffExec.c:296:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname2, filePath(path, tval(ifname2))); data/montage-6.0+dfsg/Montage/mDiffExec.c:297:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(diffname, tval(idiffname)); data/montage-6.0+dfsg/Montage/mDiffExec.c:300:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mDiff -n %s %s %s %s", fname1, fname2, data/montage-6.0+dfsg/Montage/mDiffExec.c:303:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "mDiff %s %s %s %s", fname1, fname2, data/montage-6.0+dfsg/Montage/mDiffExec.c:314:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/Montage/mDiffExec.c:318:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:129:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:162:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:163:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:164:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(diffdir, argv[optind + 2]); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:165:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(fitfile, argv[optind + 3]); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:229:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname1, filePath(path, tval(ifname1))); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:230:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname2, filePath(path, tval(ifname2))); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:231:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(diffname, tval(idiffname)); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:237:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mDiff -n %s %s %s %s", fname1, fname2, data/montage-6.0+dfsg/Montage/mDiffFitExec.c:240:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mDiff %s %s %s %s", fname1, fname2, data/montage-6.0+dfsg/Montage/mDiffFitExec.c:253:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmd, svc_value((char *)NULL)); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:259:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:263:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:280:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mFitplane -l %s", filePath(diffdir, diffname)); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:282:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mFitplane %s", filePath(diffdir, diffname)); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:294:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmd, svc_value((char *)NULL)); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:300:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:304:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:366:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(rmname, filePath(diffdir, diffname)); data/montage-6.0+dfsg/Montage/mFitExec.c:211:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/Montage/mFitExec.c:212:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fitfile, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mFitExec.c:213:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(diffdir, argv[optind + 2]); data/montage-6.0+dfsg/Montage/mFitExec.c:217:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(orig_fitfile, fitfile); data/montage-6.0+dfsg/Montage/mFitExec.c:218:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(fitfile, "%s_%d", orig_fitfile, MPI_rank); data/montage-6.0+dfsg/Montage/mFitExec.c:308:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname1, tval(ifname1)); data/montage-6.0+dfsg/Montage/mFitExec.c:309:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(fname2, tval(ifname2)); data/montage-6.0+dfsg/Montage/mFitExec.c:311:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(diffname, diffdir); data/montage-6.0+dfsg/Montage/mFitExec.c:313:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(diffname, tval(idiffname)); data/montage-6.0+dfsg/Montage/mFitExec.c:323:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mFitplane -l %s", diffname); data/montage-6.0+dfsg/Montage/mFitExec.c:325:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mFitplane %s", diffname); data/montage-6.0+dfsg/Montage/mFitExec.c:335:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/Montage/mFitExec.c:339:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/Montage/mFitExec.c:426:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(fitfile, "%s_%d", orig_fitfile, i); data/montage-6.0+dfsg/Montage/mFitplane.c:210:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/Montage/mFlattenExec.c:121:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/Montage/mFlattenExec.c:154:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/Montage/mFlattenExec.c:155:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(flatdir, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mFlattenExec.c:219:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, filePath(path, tval(ifname))); data/montage-6.0+dfsg/Montage/mFlattenExec.c:222:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mFitplane -l %s", fname); data/montage-6.0+dfsg/Montage/mFlattenExec.c:224:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mFitplane %s", fname); data/montage-6.0+dfsg/Montage/mFlattenExec.c:234:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/Montage/mFlattenExec.c:238:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/Montage/mFlattenExec.c:267:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mBackground -n %s %s %12.5e %12.5e %12.5e", data/montage-6.0+dfsg/Montage/mFlattenExec.c:270:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mBackground %s %s %12.5e %12.5e %12.5e", data/montage-6.0+dfsg/Montage/mFlattenExec.c:281:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/Montage/mFlattenExec.c:285:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/Montage/mGetHdr.c:129:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, argv[optind]); data/montage-6.0+dfsg/Montage/mGetHdr.c:130:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hdrfile, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mGetHdr.c:150:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(fileBase, ptr); data/montage-6.0+dfsg/Montage/mGetHdr.c:282:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, card); data/montage-6.0+dfsg/Montage/mGetHdr.c:291:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(keyword, line); data/montage-6.0+dfsg/Montage/mHdrCheck.c:87:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, optarg); data/montage-6.0+dfsg/Montage/mHdrCheck.c:104:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, argv[optind]); data/montage-6.0+dfsg/Montage/mHdrtbl.c:49:7: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). char *mktemp(char *template); data/montage-6.0+dfsg/Montage/mHdrtbl.c:161:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pathname, argv[optind]); data/montage-6.0+dfsg/Montage/mHdrtbl.c:162:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblname, argv[optind+1]); data/montage-6.0+dfsg/Montage/mHdrtbl.c:228:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tmpname, (char *)mktemp(template)); data/montage-6.0+dfsg/Montage/mHdrtbl.c:228:28: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). strcpy(tmpname, (char *)mktemp(template)); data/montage-6.0+dfsg/Montage/mHdrtbl.c:342:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/Montage/mHdrtbl.c:350:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (dirname, "%s/%s", pathname, fname); data/montage-6.0+dfsg/Montage/mHdrtbl.c:352:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (hdr_rec.fname, fname); data/montage-6.0+dfsg/Montage/mImgtbl.c:49:7: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). char *mktemp(char *template); data/montage-6.0+dfsg/Montage/mImgtbl.c:262:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fields[nfields].name, pname); data/montage-6.0+dfsg/Montage/mImgtbl.c:263:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fields[nfields].type, ptype); data/montage-6.0+dfsg/Montage/mImgtbl.c:345:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(pathname, argv[optind]); data/montage-6.0+dfsg/Montage/mImgtbl.c:346:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblname, argv[optind+1]); data/montage-6.0+dfsg/Montage/mImgtbl.c:360:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fields[nfields].name, cname[i]); data/montage-6.0+dfsg/Montage/mImgtbl.c:361:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fields[nfields].type, ctype[i]); data/montage-6.0+dfsg/Montage/mImgtbl.c:438:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpname, (char *)mktemp(template)); data/montage-6.0+dfsg/Montage/mImgtbl.c:438:28: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). strcpy(tmpname, (char *)mktemp(template)); data/montage-6.0+dfsg/Montage/mImgtbl.c:552:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/Montage/mImgtbl.c:560:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (dirname, "%s/%s", pathname, fname); data/montage-6.0+dfsg/Montage/mImgtbl.c:562:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (hdr_rec.fname, fname); data/montage-6.0+dfsg/Montage/mImgtbl.c:613:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpname, mktemp(template)); data/montage-6.0+dfsg/Montage/mImgtbl.c:613:32: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). strcpy(tmpname, mktemp(template)); data/montage-6.0+dfsg/Montage/mImgtbl.c:616:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "gunzip -c %s > %s", dirname, tmpname); data/montage-6.0+dfsg/Montage/mImgtbl.c:617:16: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/montage-6.0+dfsg/Montage/mMakeHdr.c:312:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/Montage/mMakeHdr.c:313:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mMakeHdr.c:381:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fnames[0], tblfile); data/montage-6.0+dfsg/Montage/mMakeHdr.c:395:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(fnames[ntables], tval(itable)); data/montage-6.0+dfsg/Montage/mMakeHdr.c:436:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, fnames[ifiles]); data/montage-6.0+dfsg/Montage/mMakeHdr.c:622:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epochStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:627:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epochStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:632:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epochStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:637:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epochStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:645:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:650:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(csysStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:655:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:660:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:665:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:670:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:675:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:680:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:685:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(csysStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:690:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/Montage/mMakeHdr.c:971:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input.ctype1, tval(ictype1)); data/montage-6.0+dfsg/Montage/mMakeHdr.c:972:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input.ctype2, tval(ictype2)); data/montage-6.0+dfsg/Montage/mMakeHdr.c:997:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", input.ctype1 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mMakeHdr.c:998:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", input.ctype2 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mMakeImg.c:270:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(arrayfile, argv[index+1]); data/montage-6.0+dfsg/Montage/mMakeImg.c:331:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(table_file[nfile], argv[index+1]); data/montage-6.0+dfsg/Montage/mMakeImg.c:332:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colname [nfile], argv[index+2]); data/montage-6.0+dfsg/Montage/mMakeImg.c:357:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(image_file[nfile], argv[index+1]); data/montage-6.0+dfsg/Montage/mMakeImg.c:372:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[index]); data/montage-6.0+dfsg/Montage/mMakeImg.c:379:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[index]); data/montage-6.0+dfsg/Montage/mMakeImg.c:1494:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(header[0], line); data/montage-6.0+dfsg/Montage/mMakeImg.c:1705:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(val, valstr); data/montage-6.0+dfsg/Montage/mMakeImg.c:1726:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(val, valstr); data/montage-6.0+dfsg/Montage/mMakeImg.c:1744:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(val, valstr); data/montage-6.0+dfsg/Montage/mOverlaps.c:239:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/Montage/mOverlaps.c:240:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(difftbl, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mOverlaps.c:407:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input[nimages].fname, fileName(tval(ifname))); data/montage-6.0+dfsg/Montage/mOverlaps.c:414:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input[nimages].ctype1, tval(ictype1)); data/montage-6.0+dfsg/Montage/mOverlaps.c:415:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input[nimages].ctype2, tval(ictype2)); data/montage-6.0+dfsg/Montage/mOverlaps.c:447:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", input[nimages].ctype1 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mOverlaps.c:448:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(temp, "CTYPE2 = '%s'", input[nimages].ctype2 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mOverlaps.c:671:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, "plus", "minus"); data/montage-6.0+dfsg/Montage/mOverlaps.c:674:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, "char", "char"); data/montage-6.0+dfsg/Montage/mOverlaps.c:879:16: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, input[k].cntr, input[l].cntr, data/montage-6.0+dfsg/Montage/mOverlaps.c:923:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, input[k].cntr, input[l].cntr, data/montage-6.0+dfsg/Montage/mOverlaps.c:954:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, input[k].cntr, input[l].cntr, data/montage-6.0+dfsg/Montage/mOverlaps.c:994:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, input[k].cntr, input[l].cntr, data/montage-6.0+dfsg/Montage/mOverlaps.c:1025:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, input[k].cntr, input[l].cntr, data/montage-6.0+dfsg/Montage/mProjExec.c:202:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/Montage/mProjExec.c:230:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(border, optarg); data/montage-6.0+dfsg/Montage/mProjExec.c:234:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(scaleCol, optarg); data/montage-6.0+dfsg/Montage/mProjExec.c:238:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(weightCol, optarg); data/montage-6.0+dfsg/Montage/mProjExec.c:316:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/Montage/mProjExec.c:317:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mProjExec.c:318:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(projdir, argv[optind + 2]); data/montage-6.0+dfsg/Montage/mProjExec.c:319:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(stats, argv[optind + 3]); data/montage-6.0+dfsg/Montage/mProjExec.c:355:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(orig_stats, stats); data/montage-6.0+dfsg/Montage/mProjExec.c:356:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(stats, "%s_%d", orig_stats, MPI_rank); data/montage-6.0+dfsg/Montage/mProjExec.c:416:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mTANHdr %s %s/%s", template, projdir, altoutstr); data/montage-6.0+dfsg/Montage/mProjExec.c:426:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/Montage/mProjExec.c:576:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, filePath(path, tval(ifname))); data/montage-6.0+dfsg/Montage/mProjExec.c:578:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outfile, projdir); data/montage-6.0+dfsg/Montage/mProjExec.c:588:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fname, "%s%s", hdustr, fileName(tval(ifname))); data/montage-6.0+dfsg/Montage/mProjExec.c:590:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(outfile, fname); data/montage-6.0+dfsg/Montage/mProjExec.c:724:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mGetHdr %s %s %s/%s", hdustr, infile, projdir, origstr); data/montage-6.0+dfsg/Montage/mProjExec.c:734:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/Montage/mProjExec.c:738:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/Montage/mProjExec.c:751:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mTANHdr %s/%s %s/%s", data/montage-6.0+dfsg/Montage/mProjExec.c:762:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/Montage/mProjExec.c:768:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/Montage/mProjExec.c:858:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(scaleStr, "-x %-g%s", scale, wholeStr); data/montage-6.0+dfsg/Montage/mProjExec.c:861:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(scaleStr, wholeStr); data/montage-6.0+dfsg/Montage/mProjExec.c:871:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectCube %s %s %s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:877:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectQL %s %s %s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:881:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProject %s %s %s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:885:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectPP %s %s %s -i %s/%s -o %s/%s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:889:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectPP %s %s %s -i %s/%s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:893:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectPP %s %s %s -o %s/%s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:897:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectPP %s %s %s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:901:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "mProject %s %s %s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:907:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectQL %s %s %s -b \"%s\" %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:911:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProject %s %s %s -b \"%s\" %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:915:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectPP %s %s %s -b \"%s\" -i %s/%s -o %s/%s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:919:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectPP %s %s %s -b \"%s\" -i %s/%s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:923:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectPP %s %s %s -b \"%s\" -o %s/%s %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:927:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProjectPP %s %s %s -b \"%s\" %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:931:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mProject %s %s %s -b \"%s\" %s %s %s", data/montage-6.0+dfsg/Montage/mProjExec.c:956:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/Montage/mProjExec.c:960:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/Montage/mProjExec.c:970:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/Montage/mProjExec.c:1024:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(stats, "%s_%d", orig_stats, i); data/montage-6.0+dfsg/Montage/mProject.c:352:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(weight_file, optarg); data/montage-6.0+dfsg/Montage/mProject.c:438:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/Montage/mProject.c:439:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mProject.c:440:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind + 2]); data/montage-6.0+dfsg/Montage/mProject.c:461:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(area_file, output_file); data/montage-6.0+dfsg/Montage/mProject.c:2128:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, linein); data/montage-6.0+dfsg/Montage/mProject.c:2232:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", filename); data/montage-6.0+dfsg/Montage/mProject.c:2254:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Weight file %s missing or invalid FITS", weightfile); data/montage-6.0+dfsg/Montage/mProjectCube.c:310:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(weight_file, optarg); data/montage-6.0+dfsg/Montage/mProjectCube.c:382:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/Montage/mProjectCube.c:383:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mProjectCube.c:384:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(template_file, argv[optind + 2]); data/montage-6.0+dfsg/Montage/mProjectCube.c:405:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(area_file, output_file); data/montage-6.0+dfsg/Montage/mProjectCube.c:2238:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, linein); data/montage-6.0+dfsg/Montage/mProjectCube.c:2342:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", filename); data/montage-6.0+dfsg/Montage/mProjectCube.c:2364:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Weight file %s missing or invalid FITS", weightfile); data/montage-6.0+dfsg/Montage/mProjectCube.c:2387:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", filename); data/montage-6.0+dfsg/Montage/mProjectPP.c:329:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(altin, optarg); data/montage-6.0+dfsg/Montage/mProjectPP.c:333:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(altout, optarg); data/montage-6.0+dfsg/Montage/mProjectPP.c:338:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(weight_file, optarg); data/montage-6.0+dfsg/Montage/mProjectPP.c:434:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/Montage/mProjectPP.c:435:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mProjectPP.c:436:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind + 2]); data/montage-6.0+dfsg/Montage/mProjectPP.c:463:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(area_file, output_file); data/montage-6.0+dfsg/Montage/mProjectPP.c:519:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "Input image projection (%s) must be TAN, SIN, ZEA, STG or ARC for fast reprojection", input.wcs->ptype); data/montage-6.0+dfsg/Montage/mProjectPP.c:567:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "Output image projection (%s) must be TAN, SIN, ZEA, STG or ARC for fast reprojection", output.wcs->ptype); data/montage-6.0+dfsg/Montage/mProjectPP.c:1653:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(line, "Template file [%s] not found.", filename); data/montage-6.0+dfsg/Montage/mProjectPP.c:1694:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(alt_input_header, headerStr); data/montage-6.0+dfsg/Montage/mProjectPP.c:1789:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(alt_output_header, headerStr); data/montage-6.0+dfsg/Montage/mProjectPP.c:1791:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_header, headerStr); data/montage-6.0+dfsg/Montage/mProjectPP.c:1896:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, linein); data/montage-6.0+dfsg/Montage/mProjectPP.c:1999:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", filename); data/montage-6.0+dfsg/Montage/mProjectPP.c:2021:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Weight file %s missing or invalid FITS", weightfile); data/montage-6.0+dfsg/Montage/mProjectPP.c:2252:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(str, strin); data/montage-6.0+dfsg/Montage/mPutHdr.c:174:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/Montage/mPutHdr.c:175:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mPutHdr.c:176:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind + 2]); data/montage-6.0+dfsg/Montage/mPutHdr.c:480:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", filename); data/montage-6.0+dfsg/Montage/mShrink.c:228:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/Montage/mShrink.c:229:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 1]); data/montage-6.0+dfsg/Montage/mShrink.c:366:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
  strcpy(output.ctype1, input.ctype1);
data/montage-6.0+dfsg/Montage/mShrink.c:367:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output.ctype2, input.ctype2);
data/montage-6.0+dfsg/Montage/mShrink.c:387:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output.bunit, input.bunit);
data/montage-6.0+dfsg/Montage/mShrink.c:1208:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msg, "Image file %s missing or invalid FITS", fluxfile);
data/montage-6.0+dfsg/Montage/mShrink.c:1239:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(input.ctype1, ctype1);
data/montage-6.0+dfsg/Montage/mShrink.c:1245:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(input.ctype2, ctype2);
data/montage-6.0+dfsg/Montage/mShrink.c:1389:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(input.bunit, bunit);
data/montage-6.0+dfsg/Montage/mShrinkCube.c:201:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(statfile, optarg);
data/montage-6.0+dfsg/Montage/mShrinkCube.c:232:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input_file, argv[optind]);
data/montage-6.0+dfsg/Montage/mShrinkCube.c:233:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, argv[optind + 1]);
data/montage-6.0+dfsg/Montage/mShrinkCube.c:375:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output.ctype1, input.ctype1);
data/montage-6.0+dfsg/Montage/mShrinkCube.c:376:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output.ctype2, input.ctype2);
data/montage-6.0+dfsg/Montage/mShrinkCube.c:398:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output.bunit, input.bunit);
data/montage-6.0+dfsg/Montage/mShrinkCube.c:1297:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msg, "Image file %s missing or invalid FITS", fluxfile);
data/montage-6.0+dfsg/Montage/mShrinkCube.c:1337:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(input.ctype1, ctype1);
data/montage-6.0+dfsg/Montage/mShrinkCube.c:1343:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(input.ctype2, ctype2);
data/montage-6.0+dfsg/Montage/mShrinkCube.c:1493:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(input.bunit, bunit);
data/montage-6.0+dfsg/Montage/mSubCube.c:117:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(appname, argv[0]);
data/montage-6.0+dfsg/Montage/mSubCube.c:191:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(params.dConstraint[0], argv[i+1]);
data/montage-6.0+dfsg/Montage/mSubCube.c:199:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(params.dConstraint[1], argv[i+1]);
data/montage-6.0+dfsg/Montage/mSubCube.c:207:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(statfile, argv[i+1]);
data/montage-6.0+dfsg/Montage/mSubCube.c:415:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile, argv[1]);
data/montage-6.0+dfsg/Montage/mSubCube.c:416:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outfile, argv[2]);
data/montage-6.0+dfsg/Montage/mSubimage.c:140:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(appname, argv[0]);
data/montage-6.0+dfsg/Montage/mSubimage.c:282:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile, argv[1]);
data/montage-6.0+dfsg/Montage/mSubimage.c:283:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outfile, argv[2]);
data/montage-6.0+dfsg/Montage/mSubset.c:238:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblfile, argv[optind]);
data/montage-6.0+dfsg/Montage/mSubset.c:239:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template, argv[optind + 1]);
data/montage-6.0+dfsg/Montage/mSubset.c:240:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(subtbl, argv[optind + 2]);
data/montage-6.0+dfsg/Montage/mSubset.c:536:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input.ctype1, tval(ictype1));
data/montage-6.0+dfsg/Montage/mSubset.c:537:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input.ctype2, tval(ictype2));
data/montage-6.0+dfsg/Montage/mSubset.c:568:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE1 = '%s'", input.ctype1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mSubset.c:569:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE2 = '%s'", input.ctype2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mTANHdr.c:288:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(origtmpl, argv[optind]);
data/montage-6.0+dfsg/Montage/mTANHdr.c:289:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newtmpl, argv[optind + 1]);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1316:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cdelt1, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1321:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cdelt2, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1326:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(crota2, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1331:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cd11, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1336:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cd12, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1341:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cd21, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1346:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cd22, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1351:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pc11, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1356:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pc12, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1361:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pc21, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1366:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pc22, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1371:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(epoch, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1376:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(equinox, value);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1594:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE1 = '%s-TAN-SIP'", wcs->c1type);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1598:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE2 = '%s-TAN-SIP'", wcs->c2type);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1635:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CROTA2 = %s", crota2 );
data/montage-6.0+dfsg/Montage/mTANHdr.c:1642:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CD1_1 = %s", cd11 );
data/montage-6.0+dfsg/Montage/mTANHdr.c:1649:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CD1_2 = %s", cd12 );
data/montage-6.0+dfsg/Montage/mTANHdr.c:1656:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CD2_1 = %s", cd21 );
data/montage-6.0+dfsg/Montage/mTANHdr.c:1663:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CD2_2 = %s", cd22 );
data/montage-6.0+dfsg/Montage/mTANHdr.c:1670:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "PC1_1 = %s", pc11 );
data/montage-6.0+dfsg/Montage/mTANHdr.c:1677:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "PC1_2 = %s", pc12 );
data/montage-6.0+dfsg/Montage/mTANHdr.c:1684:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "PC2_1 = %s", pc21 );
data/montage-6.0+dfsg/Montage/mTANHdr.c:1691:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "PC2_2 = %s", pc22 );
data/montage-6.0+dfsg/Montage/mTANHdr.c:1698:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "EPOCH = %s", epoch );
data/montage-6.0+dfsg/Montage/mTANHdr.c:1705:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "EQUINOX = %s", equinox );
data/montage-6.0+dfsg/Montage/mTblSort.c:94:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblname, argv[1]);
data/montage-6.0+dfsg/Montage/mTblSort.c:95:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(colname, argv[2]);
data/montage-6.0+dfsg/Montage/mTblSort.c:96:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outname, argv[3]);
data/montage-6.0+dfsg/Montage/mTileHdr.c:115:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(origtmpl, argv[optind]);
data/montage-6.0+dfsg/Montage/mTileHdr.c:116:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newtmpl, argv[optind + 1]);
data/montage-6.0+dfsg/Montage/mTileImage.c:224:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(oname, "%si%dj%d.fits", head, ix, iy);
data/montage-6.0+dfsg/Montage/print_rec.c:89:13: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(tblf, fmt, tmpname);
data/montage-6.0+dfsg/Montage/print_rec.c:101:13: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(tblf, fmt, fields[i].type);
data/montage-6.0+dfsg/Montage/print_rec.c:121:13: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(tblf, fmt, tmpname);
data/montage-6.0+dfsg/Montage/print_rec.c:132:13: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(tblf, fmt, fields[i].type);
data/montage-6.0+dfsg/Montage/print_rec.c:165:8: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(tblf, fmt, fields[i].value);
data/montage-6.0+dfsg/Montage/projTest.c:154:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(csys, optarg);
data/montage-6.0+dfsg/Montage/projTest.c:265:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(origtmpl, argv[optind]);
data/montage-6.0+dfsg/Montage/projTest.c:266:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newtmpl, argv[optind + 1]);
data/montage-6.0+dfsg/Montage/projTest.c:567:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE1 = '%s-TAN-SIP'", wcs->c1type);
data/montage-6.0+dfsg/Montage/projTest.c:569:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE2 = '%s-TAN-SIP'", wcs->c2type);
data/montage-6.0+dfsg/Montage/projTest.c:746:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE1 = '%s-TAN-SIP'", ctype1); stradd(header, temp);
data/montage-6.0+dfsg/Montage/projTest.c:747:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE2 = '%s-TAN-SIP'", ctype2); stradd(header, temp);
data/montage-6.0+dfsg/Montage/projTest.c:766:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE1 = '%s-TAN-SIP'", wcs->c1type); stradd(header, temp);
data/montage-6.0+dfsg/Montage/projTest.c:767:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE2 = '%s-TAN-SIP'", wcs->c2type); stradd(header, temp);
data/montage-6.0+dfsg/Montage/projTest.c:1095:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE1 = '%s-TAN'", ctype1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/projTest.c:1096:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE2 = '%s-TAN'", ctype2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/subCube.c:609:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(list, params->dConstraint[index]);
data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:62:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(argument, optarg);
data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:119:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path, optarg);
data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:160:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblfile, argv[optind]);
data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:161:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template, argv[optind + 1]);
data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:162:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(imgfile, argv[optind + 2]);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:322:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path, inpath);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:382:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, outfile);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:388:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:408:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_area_file, output_file);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:429:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:449:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Invalid image metadata file: %s", tblfile);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:563:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(inctype1[nfile], tval(ictype1));
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:564:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(inctype2[nfile], tval(ictype2));
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:633:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filename, montage_filePath(path, tval(ifname)));
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:645:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile[nfile], filename);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:650:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(inarea[nfile], filename);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:688:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:736:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "CRVAL1 CAR pixel offset (%-g) not integer for image %s", valOffset, infile[ifile]);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:738:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:749:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "CRVAL2 CAR pixel offset (%.2f) not integer for image %s", valOffset, infile[ifile]);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:751:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:774:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:785:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:847:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:853:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:902:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:967:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1060:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1071:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1082:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1093:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1103:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1127:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1133:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1161:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1169:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1186:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1200:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1227:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1241:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1261:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1270:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1284:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1294:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1303:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1312:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1321:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1330:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1344:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1353:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1363:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1372:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1396:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1432:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1457:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1473:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1526:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", infile[ifile]); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1529:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1549:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1556:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Area file %s missing or invalid FITS", inarea[ifile]); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1558:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1573:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1593:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(errstr, "Image %s header CTYPE1 does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1595:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1601:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image %s header CTYPE2 does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1603:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1611:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image %s header CRVAL1 does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1613:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1619:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image %s header CRVAL2 does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1621:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1631:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image %s header CD/CDELT does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1633:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1639:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image %s header EQUINOX does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1641:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1678:15: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1689:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1748:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1758:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1813:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1833:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1915:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1924:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1938:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1946:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2091:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype, value); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2143:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, status_str); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2156:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, msg); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2623:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "Allocation failed for %s.", label); data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:62:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(argument, optarg); data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:118:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:159:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:160:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:161:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(imgfile, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:244:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, inpath); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:306:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, outfile); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:312:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:332:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_area_file, output_file); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:353:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:373:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid or missing image metadata file: %s", tblfile); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:513:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inctype1[nfile], tval(ictype1)); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:514:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inctype2[nfile], tval(ictype2)); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:583:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, montage_filePath(path, tval(ifname))); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:595:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile[nfile], filename); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:600:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inarea[nfile], filename); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:646:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:695:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "CRVAL1 CAR pixel offset (%-g) not integer for image %s", valOffset, infile[ifile]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:706:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "CRVAL2 CAR pixel offset (%.2f) not integer for image %s", valOffset, infile[ifile]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:728:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:739:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:801:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:807:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:864:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:942:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1035:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1046:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1057:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1068:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1078:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1102:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1108:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1137:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1145:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1165:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1179:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1206:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1220:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1240:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1249:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1263:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1272:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1281:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1290:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1301:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1311:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1320:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1329:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1343:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1352:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1362:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1371:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1399:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1432:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1457:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1473:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1525:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1531:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", infile[ifile]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1534:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1558:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1564:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Area file %s missing or invalid FITS", inarea[ifile]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1566:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1580:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1595:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1601:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image %s header CTYPE1 does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1603:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1609:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(errstr, "Image %s header CTYPE2 does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1611:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1617:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image %s header CRVAL1 does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1619:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1625:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image %s header CRVAL2 does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1627:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1636:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image %s header CD/CDELT does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1638:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1644:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image %s header EQUINOX does not match template", infile[ifile]); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1646:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1705:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1715:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1777:31: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1790:31: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1844:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1863:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1947:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1960:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1981:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1988:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2005:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2006:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->json, montage_json); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2141:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype, value); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2219:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, status_str); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2235:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, msg); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2670:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "Allocation failed for %s.", label); data/montage-6.0+dfsg/MontageLib/ArchiveExec/mArchiveExec.c:62:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(path, optarg); data/montage-6.0+dfsg/MontageLib/ArchiveExec/mArchiveExec.c:86:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:74:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, inpath); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:111:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Table %s needs column 'URL' or 'url' and can optionally have columns 'fname'/'file' and pixel ranges 'imin'..'jmax'", data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:138:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(url, tval(iurl)); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:148:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file, tval(ifile)); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:157:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file, ptr+1); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:180:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filebase, file); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:186:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(urlbase, url); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:220:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%s&X1=%d&X2=%d&Y1=%d&Y2=%d", urlbase, itmin, itmax - itmin + 1, jtmin, jtmax - jtmin + 1); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:222:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file, "%s_%d_%d.fits", filebase, ix, jy); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:260:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "gunzip %s", file); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:261:13: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/montage-6.0+dfsg/MontageLib/ArchiveGet/mArchiveGet.c:75:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(urlStr, argv[optind]); data/montage-6.0+dfsg/MontageLib/ArchiveGet/mArchiveGet.c:80:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(fileName, argv[optind+1]); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:104:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmdv[3], timestr); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:106:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmdv[5], datafile); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:107:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmdv[6], url); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:132:7: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(cmdv[0], cmdv); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:295:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmdv[4], timestr); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:299:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmdv[8], datafile); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:300:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(cmdv[9], url); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:319:7: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(cmdv[0], cmdv); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:453:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outfile, infile); data/montage-6.0+dfsg/MontageLib/ArchiveList/mArchiveList.c:47:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(survey, argv[1]); data/montage-6.0+dfsg/MontageLib/ArchiveList/mArchiveList.c:48:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(band, argv[2]); data/montage-6.0+dfsg/MontageLib/ArchiveList/mArchiveList.c:49:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(locstr, argv[3]); data/montage-6.0+dfsg/MontageLib/ArchiveList/mArchiveList.c:50:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outfile, argv[6]); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:123:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(constraint, "survey=%s+%s&location=%s&size=%.4f&units=deg&mode=TBL", data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:134:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Can't open output file %s", outfile); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:146:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:165:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:174:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET http://%s:%d%s%s HTTP/1.0\r\n\r\n", data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:179:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET %s%s HTTP/1.0\r\nHOST: %s:%d\r\n\r\n", data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:230:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, line+10); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:287:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(montage_msgstr, "%s: connect failed.", hostname); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:410:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hostStr, hostPtr); data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:134:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[1]); data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:142:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[2]); data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:198:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[3]); data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:199:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(corrfile, argv[4]); data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:241:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file, tval(ifname)); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:149:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, ofile); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:156:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, input_file); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:160:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, line); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:162:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inarea, line); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:167:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, input_file); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:169:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inarea, input_file); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:177:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(output_area_file, output_file); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:203:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:355:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:370:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:433:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:444:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:464:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:473:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:487:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:495:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:508:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:518:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:538:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:570:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:594:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:609:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:655:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, checkHdr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:665:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, checkHdr); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:671:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Area file %s missing or invalid FITS", areafile); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:679:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(errstr, "Image file %s missing or invalid FITS", fluxfile); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:721:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, msg); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:739:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, status_str); data/montage-6.0+dfsg/MontageLib/BestImage/mBestImage.c:50:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(statfile, argv[i+1]); data/montage-6.0+dfsg/MontageLib/BestImage/mBestImage.c:80:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[1]); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:164:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "Invalid image metadata file: %s", tblfile); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:282:24: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). if(ictype1 >= 0) strcpy(ctype1, tval(ictype1)); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:283:24: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). if(ictype2 >= 0) strcpy(ctype2, tval(ictype2)); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:318:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:321:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(url, tval(iurl)); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:396:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", ctype1 ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:397:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", ctype2 ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:439:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkWCS); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:662:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bestName, fname); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:665:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bestURL, url); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:698:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "file=\"%s\", hdu=%d, url=\"%s\", edgedist=%.6f", bestName, bestHDU, bestURL, bestdist); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:699:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->json, "{\"file\":\"%s\", \"hdu\":%d, \"url\":\"%s\", \"edgedist\":%.6f}", bestName, bestHDU, bestURL, bestdist); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:701:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->file, bestName); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:705:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->url, bestURL); data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:62:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:95:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:96:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fitfile, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:97:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(corrdir, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:105:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, inpath); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:116:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot access %s", corrdir); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:122:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "%s is not a directory", corrdir); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:137:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid image metadata file: %s", tblfile); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:209:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid corrections file: %s", fitfile); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:290:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file, tval(ifname)); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:292:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ifile, "%s/%s", path, montage_fileName(file)); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:293:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ofile, "%s/%s", corrdir, montage_fileName(file)); data/montage-6.0+dfsg/MontageLib/BgModel/mBgModel.c:110:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(imgfile, argv[optind]); data/montage-6.0+dfsg/MontageLib/BgModel/mBgModel.c:111:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fitfile, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/BgModel/mBgModel.c:112:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(corrtbl, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:320:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Failed to open output %s", corrtbl); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:333:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(returnStruct->msg, "Invalid image metadata file: %s", imgfile); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:435:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid background fit parameters file: %s", fitfile); data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:85:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, argv[i+1]); data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:119:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, argv[1]); data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:120:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outfile, argv[2]); data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:121:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mode, argv[3]); data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:147:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hdrfile, argv[4]); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:229:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, inpath); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:280:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "[struct stat=\"ERROR\", msg=\"Usage: Input table file (%s) does not exist", infile); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:438:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", "RA---TAN" ); mCoverageCheck_stradd(tmpHeader, temp); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:439:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", "DEC--TAN" ); mCoverageCheck_stradd(tmpHeader, temp); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:456:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkWCS); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:759:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Error opening table %s", infile); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:768:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot create output file (%s)", outfile); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:867:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(field[ii], tbl_rec[ii].name); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:939:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype1, tval(ictype1)); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:940:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype2, tval(ictype2)); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:979:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (proj, ctype1+4); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1044:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", ctype1 ); mCoverageCheck_stradd(tmpHeader, temp); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1045:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", ctype2 ); mCoverageCheck_stradd(tmpHeader, temp); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1062:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, checkWCS); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1451:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype1, tval(ictype1)); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1452:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype2, tval(ictype2)); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1490:15: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (proj, ctype1+4); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1567:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", ctype1 ); mCoverageCheck_stradd(tmpHeader, temp); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1568:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", ctype2 ); mCoverageCheck_stradd(tmpHeader, temp); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1596:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1600:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fullname, path); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1605:22: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fullname, fname); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1607:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, fullname); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1613:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Image file %s missing or invalid FITS", fname); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1622:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, status_str); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1649:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype1, wcsimg->ctype[0]); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1650:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(ctype2, wcsimg->ctype[1]); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1687:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkWCS); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2022:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, "%s", out.clon); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2026:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, "%s", out.clat); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2070:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpstr, tval(ifield[ii])); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2072:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value[ii], tmpstr); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2079:18: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, value[ii]); data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:94:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(input_file1, argv[optind]); data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:95:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file2, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:96:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:97:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind + 3]); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:197:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, ofile); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:208:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:216:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_area_file, output_file); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:238:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(line, input_file1); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:242:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile[0], line); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:244:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inarea[0], line); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:249:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile[0], input_file1); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:251:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inarea[0], input_file1); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:259:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, input_file2); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:263:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile[1], line); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:265:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(inarea[1], line); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:270:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile[1], input_file2); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:272:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inarea[1], input_file2); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:294:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:316:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:356:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:365:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:372:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:438:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:447:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:459:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:549:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:625:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:653:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:799:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:817:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:950:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:974:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:990:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1012:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1034:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1061:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1083:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1111:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1128:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1150:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1167:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1184:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1201:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1218:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1235:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1252:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1269:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1286:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1303:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1337:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1374:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1404:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1426:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1455:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1456:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->json, montage_json); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1624:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Area file %s missing or invalid FITS", areafile); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1632:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", fluxfile); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1678:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, status_str); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1691:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, msg); data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:61:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:94:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:95:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(template, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:96:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(diffdir, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:82:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, inpath); data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:102:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot access %s", diffdir); data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:108:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "%s is not a directory", diffdir); data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:121:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid image difference list file: %s", tblfile); data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:152:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname1, montage_filePath(path, tval(ifname1))); data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:153:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(fname2, montage_filePath(path, tval(ifname2))); data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:154:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(diffname, tval(idiffname)); data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:76:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:109:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:110:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:111:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(diffdir, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:112:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fitfile, argv[optind + 3]); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:107:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, inpath); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:134:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid diffs metadata file: %s", tblfile); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:181:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname1, montage_filePath(path, tval(ifname1))); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:182:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname2, montage_filePath(path, tval(ifname2))); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:183:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(diffname, tval(idiffname)); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:247:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rmname, montage_filePath(diffdir, diffname)); data/montage-6.0+dfsg/MontageLib/Examine/mExamine.c:150:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(infile, argv[1]); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:213:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot open FITS file %s", infile); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:232:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot find WCS keys in FITS file %s", infile); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:240:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot find NAXIS keyword in FITS file %s", infile); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:248:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot find NAXIS1,2 keywords in FITS file %s", infile); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:268:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype1, wcs->ctype[0]); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:269:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype2, wcs->ctype[1]); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:291:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (proj, ctype1+5); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:714:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, "\"proj\":\"%s\",", proj); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:714:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, "\"proj\":\"%s\",", proj); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:715:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, " \"csys\":\"%s\",", csys_str); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:715:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"csys\":\"%s\",", csys_str); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:716:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"equinox\":%.1f,", equinox); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:717:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " \"naxis\":%ld,", naxis); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:718:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"naxis1\":%d,", (int)naxis1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:719:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"naxis2\":%d,", (int)naxis2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:723:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"naxis3\":%ld,", naxes[2]); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:728:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"naxis4\":%ld,", naxes[3]); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:731:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " \"crval1\":%.7f,", crval1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:732:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"crval2\":%.7f,", crval2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:733:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"crpix1\":%-g,", crpix1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:734:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"crpix2\":%-g,", crpix2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:735:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"cdelt1\":%.7f,", cdelt1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:736:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"cdelt2\":%.7f,", cdelt2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:737:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"crota2\":%.4f,", crota2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:738:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"lonc\":%.7f,", lonc); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:739:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"latc\":%.7f,", latc); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:740:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ximgsize\":%.6f,", fabs(naxis1*cdelt1)); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:741:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"yimgsize\":%.6f,", fabs(naxis1*cdelt2)); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:742:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " \"rotequ\":%.4f,", rot); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:743:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"rac\":%.7f,", rac); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:744:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"decc\":%.7f,", decc); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:745:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ra1\":%.7f,", ra1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:746:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"dec1\":%.7f,", dec1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:747:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ra2\":%.7f,", ra2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:748:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"dec2\":%.7f,", dec2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:749:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ra3\":%.7f,", ra3); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:750:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"dec3\":%.7f,", dec3); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:751:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ra4\":%.7f,", ra4); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:752:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"dec4\":%.7f,", dec4); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:753:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " \"radius\":%.7f,", radius); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:754:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"radpix\":%.2f,", rpix); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:755:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"npixel\":%d,", npix); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:756:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"nnull\":%d,", nnull); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:757:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"aveflux\":%-g,", mean); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:758:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"rmsflux\":%-g,", rms); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:759:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"fluxref\":%-g,", val); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:760:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"sigmaref\":%-g,", sigmaref); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:761:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"xref\":%.0f,", valx); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:762:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"yref\":%.0f,", valy); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:763:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"raref\":%.7f,", valra); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:764:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " \"decref\":%.7f,", valdec); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:765:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"fluxmin\":%-g,", min); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:766:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"sigmamin\":%-g,", sigmamin); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:767:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"xmin\":%.0f,", minx); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:768:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ymin\":%.0f,", miny); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:769:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ramin\":%.7f,", minra); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:770:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"decmin\":%.7f,", mindec); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:771:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"fluxmax\":%-g,", max); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:772:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"sigmamax\":%-g,", sigmamax); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:773:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"xmax\":%.0f,", maxx); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:774:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ymax\":%.0f,", maxy); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:775:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " \"ramax\":%.7f,", maxra); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:776:70: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"decmax\":%.7f", maxdec); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:779:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, "proj=\"%s\",", proj); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:779:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, "proj=\"%s\",", proj); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:780:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, " csys=\"%s\",", csys_str); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:780:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " csys=\"%s\",", csys_str); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:781:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " equinox=%.1f,", equinox); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:782:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " naxis=%ld,", naxis); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:783:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " naxis1=%d,", (int)naxis1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:784:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " naxis2=%d,", (int)naxis2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:788:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " naxis3=%ld,", naxes[2]); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:793:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " naxis4=%ld,", naxes[3]); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:796:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " crval1=%.7f,", crval1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:797:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " crval2=%.7f,", crval2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:798:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " crpix1=%-g,", crpix1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:799:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " crpix2=%-g,", crpix2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:800:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " cdelt1=%.7f,", cdelt1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:801:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " cdelt2=%.7f,", cdelt2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:802:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " crota2=%.4f,", crota2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:803:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " lonc=%.7f,", lonc); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:804:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " latc=%.7f,", latc); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:805:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " ximgsize=%.6f,", fabs(naxis1*cdelt1)); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:806:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " yimgsize=%.6f,", fabs(naxis1*cdelt2)); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:807:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " rotequ=%.4f,", rot); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:808:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " rac=%.7f,", rac); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:809:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " decc=%.7f,", decc); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:810:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " ra1=%.7f,", ra1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:811:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " dec1=%.7f,", dec1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:812:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " ra2=%.7f,", ra2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:813:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " dec2=%.7f,", dec2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:814:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " ra3=%.7f,", ra3); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:815:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " dec3=%.7f,", dec3); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:816:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " ra4=%.7f,", ra4); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:817:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " dec4=%.7f,", dec4); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:818:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " radius=%.7f,", radius); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:819:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " radpix=%.2f,", rpix); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:820:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " npixel=%d,", npix); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:821:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " nnull=%d,", nnull); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:822:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " aveflux=%-g,", mean); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:823:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " rmsflux=%-g,", rms); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:824:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " fluxref=%-g,", val); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:825:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " sigmaref=%-g,", sigmaref); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:826:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " xref=%.0f,", valx); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:827:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " yref=%.0f,", valy); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:828:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " raref=%.7f,", valra); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:829:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " decref=%.7f,", valdec); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:830:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " fluxmin=%-g,", min); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:831:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " sigmamin=%-g,", sigmamin); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:832:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " xmin=%.0f,", minx); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:833:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " ymin=%.0f,", miny); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:834:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " ramin=%.7f,", minra); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:835:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " decmin=%.7f,", mindec); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:836:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " fluxmax=%-g,", max); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:837:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " sigmamax=%-g,", sigmamax); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:838:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " xmax=%.0f,", maxx); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:839:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " ymax=%.0f,", maxy); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:840:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " ramax=%.7f,", maxra); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:841:66: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " decmax=%.7f", maxdec); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:993:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, "\"proj\":\"%s\",", proj); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:993:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, "\"proj\":\"%s\",", proj); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:994:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, " \"csys\":\"%s\",", csys_str); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:994:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " \"csys\":\"%s\",", csys_str); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:995:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"equinox\":%.1f,", equinox); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:996:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"naxis\":%ld,", naxis); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:997:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"naxis1\":%d,", (int)naxis1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:998:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"naxis2\":%d,", (int)naxis2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1002:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " \"naxis3\":%ld,", naxes[2]); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1007:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"naxis4\":%ld,", naxes[3]); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1010:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"crval1\":%.7f,", crval1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1011:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"crval2\":%.7f,", crval2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1012:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"crpix1\":%-g,", crpix1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1013:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " \"crpix2\":%-g,", crpix2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1014:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"cdelt1\":%.7f,", cdelt1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1015:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"cdelt2\":%.7f,", cdelt2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1016:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"crota2\":%.4f,", crota2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1017:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"lonc\":%.7f,", lonc); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1018:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"latc\":%.7f,", latc); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1019:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ximgsize\":%.6f,", fabs(naxis1*cdelt1)); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1020:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"yimgsize\":%.6f,", fabs(naxis1*cdelt2)); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1021:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"rotequ\":%.4f,", rot); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1022:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"rac\":%.7f,", rac); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1023:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"decc\":%.7f,", decc); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1024:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " \"ra1\":%.7f,", ra1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1025:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"dec1\":%.7f,", dec1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1026:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ra2\":%.7f,", ra2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1027:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"dec2\":%.7f,", dec2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1028:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ra3\":%.7f,", ra3); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1029:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"dec3\":%.7f,", dec3); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1030:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"ra4\":%.7f,", ra4); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1031:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"dec4\":%.7f,", dec4); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1032:69: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " \"totalflux\":%.7e", ap[nflux/2].sum); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1034:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, "proj=\"%s\",", proj); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1034:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, "proj=\"%s\",", proj); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1035:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmpstr, " csys=\"%s\",", csys_str); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1035:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " csys=\"%s\",", csys_str); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1036:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " equinox=%.1f,", equinox); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1037:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " naxis=%ld,", naxis); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1038:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " naxis1=%d,", (int)naxis1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1039:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " naxis2=%d,", (int)naxis2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1043:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " naxis3=%ld,", naxes[2]); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1048:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " naxis4=%ld,", naxes[3]); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1051:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " crval1=%.7f,", crval1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1052:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " crval2=%.7f,", crval2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1053:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " crpix1=%-g,", crpix1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1054:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " crpix2=%-g,", crpix2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1055:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " cdelt1=%.7f,", cdelt1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1056:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " cdelt2=%.7f,", cdelt2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1057:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " crota2=%.4f,", crota2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1058:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " lonc=%.7f,", lonc); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1059:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " latc=%.7f,", latc); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1060:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(tmpstr, " ximgsize=%.6f,", fabs(naxis1*cdelt1)); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1061:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " yimgsize=%.6f,", fabs(naxis1*cdelt2)); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1062:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " rotequ=%.4f,", rot); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1063:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " rac=%.7f,", rac); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1064:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(tmpstr, " decc=%.7f,", decc); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1065:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
  sprintf(tmpstr, " ra1=%.7f,", ra1); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1066:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  sprintf(tmpstr, " dec1=%.7f,", dec1); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1067:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  sprintf(tmpstr, " ra2=%.7f,", ra2); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1068:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  sprintf(tmpstr, " dec2=%.7f,", dec2); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1069:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  sprintf(tmpstr, " ra3=%.7f,", ra3); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1070:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  sprintf(tmpstr, " dec3=%.7f,", dec3); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1071:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  sprintf(tmpstr, " ra4=%.7f,", ra4); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1072:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  sprintf(tmpstr, " dec4=%.7f,", dec4); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1073:65: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  sprintf(tmpstr, " totalflux=%.7e", ap[nflux/2].sum); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1083:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1084:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->json, montage_json);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1085:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->proj, proj);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1086:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->csys, csys_str);
data/montage-6.0+dfsg/MontageLib/FitExec/mFitExec.c:88:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblfile, argv[optind]);
data/montage-6.0+dfsg/MontageLib/FitExec/mFitExec.c:89:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fitfile, argv[optind + 1]);
data/montage-6.0+dfsg/MontageLib/FitExec/mFitExec.c:90:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(diffdir, argv[optind + 2]);
data/montage-6.0+dfsg/MontageLib/FitExec/montageFitExec.c:128:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Invalid diffs metadata file: %s", tblfile);
data/montage-6.0+dfsg/MontageLib/FitExec/montageFitExec.c:170:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(diffname, montage_filePath(diffdir, tval(idiffname)));
data/montage-6.0+dfsg/MontageLib/Fitplane/mFitplane.c:125:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input_file, argv[optind]);
data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:160:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Image file %s missing or invalid FITS\"]\n", input_file);
data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:167:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:174:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:189:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:232:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:503:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:595:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:596:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->json, montage_json);
data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:633:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:750:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, error_text);
data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:116:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input_file, argv[optind]);
data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:124:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, argv[optind+1]);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:187:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:193:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:235:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:255:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:275:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:348:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:477:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:501:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:509:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:529:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:530:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->json, montage_json);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:558:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image file %s missing or invalid FITS", fluxfile);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:607:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, msg);
data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:625:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/GetHdr/mGetHdr.c:91:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile, argv[optind]);
data/montage-6.0+dfsg/MontageLib/GetHdr/mGetHdr.c:92:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hdrfile, argv[optind + 1]);
data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:94:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Image file (%s) does not exist", infile);
data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:107:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:119:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:128:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:136:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:237:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(line, card);
data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:246:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(keyword, line);
data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:358:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:64:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(csys, optarg);
data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:84:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(bandStr, optarg);
data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:121:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(locstr, argv[optind]);
data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:125:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outfile, argv[optind+2]);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:108:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(constraint, "location=%s&width=%.10f&height=%.10f&system=%s&equinox=%.2f&resolution=%.12f&rotation=%.6f&band=%s",
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:119:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Can't open output file %s", outfile);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:132:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:153:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:162:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request, "GET http://%s:%d%s%s HTTP/1.0\r\n\r\n",
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:167:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request, "GET %s%s HTTP/1.0\r\nHOST: %s:%d\r\n\r\n",
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:202:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "%s", line+7);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:242:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "Couldn't find host %s", hostname);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:258:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "%s: connect failed.", hostname);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:379:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hostStr, hostPtr);
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:74:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(grayfile, argv[i+1]);
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:75:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(grayminstr, argv[i+2]);
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:76:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(graymaxstr, argv[i+3]);
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:101:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(graybetastr, argv[i+5]);
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:141:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(histfile, argv[i+1]);
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:143:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Image file %s invalid FITS", grayfile);
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:192:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:201:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:233:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:401:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:437:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "leading numeric term in %s '%s' "
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:458:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "'%s' is not a valid %s",
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:478:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "'%s': negative "
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:485:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "'%s': percentile %s "
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:506:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "'%s' is not a valid %s",
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:531:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "extra numeric term in %s '%s' "
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:539:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "%s '%s' contains trailing "
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:551:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "%s '%s' contains trailing junk", kind, str);
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:111:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fieldListFile, optarg);
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:115:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(imgListFile, optarg);
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:132:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pathname, argv[optind]);
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:133:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblname, argv[optind+1]);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:248:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pathname, pathnamein);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:265:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Cannot open field list file: %s", fieldListFile);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:320:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fields[nfields].name, pname);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:321:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fields[nfields].type, ptype);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:372:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fields[nfields].name, cname[i]);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:373:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fields[nfields].type, ctype[i]);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:403:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Cannot access %s", pathname);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:409:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "%s is not a directory", pathname);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:446:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Cannot open image list file: %s", imgListFile);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:463:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:471:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:481:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:525:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fname, tval(ifname));
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:533:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (dirname, "%s/%s", pathname, fname);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:535:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (hdr_rec.fname, fname);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:595:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "gunzip -c %s > %s", dirname, tempfile);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:596:16: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(cmd);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:653:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (dirname, "%s/%s", pathname, entry->d_name);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:656:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (hdr_rec.fname, dirname+2);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:658:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (hdr_rec.fname, dirname+hdrlen);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:736:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "gunzip -c %s > %s", dirname, tempfile);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:737:19: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(cmd);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:801:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (msg, "Cannot open FITS file %s", fname);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1074:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fields[i].defval, ptr);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1224:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hdr_rec->ctype1, wcs->ctype[0]);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1225:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(hdr_rec->ctype2, wcs->ctype[1]);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1371:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fields[i].value, fields[i].defval);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1383:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(fields[i].value, ptr); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1386:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fields[i].value, fields[i].defval); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1445:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(tblf, fmt, tmpname); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1457:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(tblf, fmt, fields[i].type); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1477:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(tblf, fmt, tmpname); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1488:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(tblf, fmt, fields[i].type); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1521:8: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(tblf, fmt, fields[i].value); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1564:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tempfile, "%s.tmp", tblname); data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:134:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:135:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:143:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csys, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:276:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csys, csysin); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:324:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid table file: %s", tblfile); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:332:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fnames[0], tblfile); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:346:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fnames[ntables], tval(itable)); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:387:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tfile, fnames[ifiles]); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:407:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid image metadata file: %s", tfile); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:581:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epochStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:586:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epochStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:591:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epochStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:596:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epochStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:604:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:609:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:614:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:619:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:624:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:629:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:634:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:639:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:644:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:649:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csysStr, keyval); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:930:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input.ctype1, tval(ictype1)); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:931:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input.ctype2, tval(ictype2)); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:956:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", input.ctype1 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:957:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", input.ctype2 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:990:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1245:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(returnStruct->msg, "msg=\"Large area; defaulting to AITOFF projection.%s\", count=%d, ncube=%d, naxis1=%d, naxis2=%d", data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1248:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->json, "{\"msg\":\"Large area; defaulting to AITOFF projection.%s\", \"count\":%d, \"ncube\":%d, \"naxis1\":%d, \"naxis2\":%d}", data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1251:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->note, msg); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1416:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1489:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "msg=\"%s\", count=%d, ncube=%d, naxis1=%d, naxis2=%d, clon=%.6f, clat=%.6f, lonsize=%.6f, latsize=%.6f, posang=%.6f, lon1=%.6f, lat1=%.6f, lon2=%.6f, lat2=%.6f, lon3=%.6f, lat3=%.6f, lon4=%.6f, lat4=%.6f", data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1502:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(montage_json, "{msg=\"%s\", \"count\"=%d, \"ncube\"=%d, \"naxis1\"=%d, \"naxis2\"=%d, \"clon\"=%.6f, \"clat\"=%.6f, \"lonsize\"=%.6f, \"latsize\"=%.6f, \"posang\"=%.6f, \"lon1\"=%.6f, \"lat1\"=%.6f, \"lon2\"=%.6f, \"lat2\"=%.6f, \"lon3\"=%.6f, \"lat3\"=%.6f, \"lon4\"=%.6f, \"lat4\"=%.6f}", data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1519:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1520:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->json, montage_json); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1522:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->note, msg); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:66:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(jsonStr, argv[i+1]); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:80:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(jsonFile, argv[i+1]); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:95:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(template, argv[position]); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:96:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outFile, argv[position+1]); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:159:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(jsonStr, line); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:194:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmdstr, argv[i]); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:308:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, usage); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:330:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, usage); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:334:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(arrayfile, argv[index+1]); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:344:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, usage); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:358:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, usage); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:375:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, usage); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:379:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat_file[ncat], argv[index+1]); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:380:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colname [ncat], argv[index+2]); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:384:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(coordStr, argv[index+4]); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:386:19: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(coordStr, argv[index+5]); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:410:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, usage); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:414:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(image_file[nimage], argv[index+1]); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:426:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, usage); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:434:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, usage); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:556:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat_file[ncat], valstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:568:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colname[ncat], valstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:642:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csys, valstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:654:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(image_file[nimage], valstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:685:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(arrayfile, valstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:751:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Image array file [%s] not found.\n", arrayfile); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:765:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:914:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:928:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:958:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(returnStruct->msg, "Can't open table file %s.", cat_file[ifile]); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1138:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Can't open table table %s.", cat_file[ifile]); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1683:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1705:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1724:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1741:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1742:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->json, montage_json); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1866:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(montage_msgstr, "Template file [%s] not found.", filename); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1889:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(header[0], line); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2067:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, status_str); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2099:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(val, valstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2120:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(val, valstr); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2138:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(val, valstr); data/montage-6.0+dfsg/MontageLib/Overlaps/mOverlaps.c:83:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/MontageLib/Overlaps/mOverlaps.c:84:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(difftbl, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:188:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Failed to open output %s", difftbl); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:201:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid image metadata file: %s", tblfile); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:346:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input[nimages].fname, mOverlaps_fileName(tval(ifname))); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:353:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input[nimages].ctype1, tval(ictype1)); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:354:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input[nimages].ctype2, tval(ictype2)); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:386:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", input[nimages].ctype1 ); mOverlaps_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:387:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(temp, "CTYPE2 = '%s'", input[nimages].ctype2 ); mOverlaps_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:422:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkWCS); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:619:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, "plus", "minus"); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:622:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, "char", "char"); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:827:16: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, input[k].cntr, input[l].cntr, data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:872:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, input[k].cntr, input[l].cntr, data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:904:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, input[k].cntr, input[l].cntr, data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:945:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
fprintf(fout, fmt, input[k].cntr, input[l].cntr, data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:977:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fout, fmt, input[k].cntr, input[l].cntr, data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:76:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:104:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(border, optarg); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:108:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(scaleCol, optarg); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:112:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(weightCol, optarg); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:160:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:161:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(template, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:162:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(projdir, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:163:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(stats, argv[optind + 3]); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:184:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, inpath); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:203:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Image metadata file (%s) does not exist", tblfile); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:210:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Output directory (%s) does not exist", projdir); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:217:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(origHdr, "%s/orig.hdr", projdir); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:218:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(altin, "%s/altin.hdr", projdir); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:219:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(altout, "%s/altout.hdr", projdir); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:258:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:371:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Need column %s in input", weightCol); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:390:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Need column %s in input", scaleCol); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:439:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, montage_filePath(path, tval(ifname))); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:441:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outfile, projdir); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:451:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fname, "%s%s", hdustr, montage_fileName(tval(ifname))); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:453:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(outfile, fname); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:683:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(msg, projectCube->msg); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:700:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(msg, projectQL->msg); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:719:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(msg, project->msg); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:738:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(msg, projectPP->msg); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:758:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(msg, projectPP->msg); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:778:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(msg, projectPP->msg); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:799:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(msg, projectPP->msg); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:818:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(msg, project->msg); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:910:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "Template file %s not found.", filename); data/montage-6.0+dfsg/MontageLib/Project/mProject.c:88:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(weight_file, optarg); data/montage-6.0+dfsg/MontageLib/Project/mProject.c:132:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(borderstr, optarg); data/montage-6.0+dfsg/MontageLib/Project/mProject.c:176:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/MontageLib/Project/mProject.c:177:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/Project/mProject.c:178:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(template_file, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:396:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, ofile); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:421:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Border value string (%s) cannot be interpreted as an integer or a set of polygon vertices", data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:446:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:454:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:474:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(area_file, output_file); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:508:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:552:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:610:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1656:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1749:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1782:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1789:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1802:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1815:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1833:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1846:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1865:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1873:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1887:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1895:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1903:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1913:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1921:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1931:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1939:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1950:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1958:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1966:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1976:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1984:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1994:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2002:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2029:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2059:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2082:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2095:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2353:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, linein); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2457:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(errstr, "Image file %s missing or invalid FITS", filename); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2484:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Weight file %s missing or invalid FITS", weightfile); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2640:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, status_str); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2655:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, msg); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2748:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, strin); data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:86:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(weight_file, optarg); data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:170:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:171:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(output_file, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:172:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:337:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:345:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:365:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(area_file, output_file); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:393:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:440:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:506:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1787:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1821:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1828:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1841:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1854:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1872:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1885:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1904:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1912:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1926:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1934:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1942:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1950:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1958:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1968:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1976:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1984:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1992:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2000:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2036:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2072:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2095:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2108:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2367:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, linein); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2471:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", filename); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2500:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Weight file %s missing or invalid FITS", weightfile); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2530:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", filename); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2681:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, status_str); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2694:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, msg); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:93:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(altin, optarg); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:97:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(altout, optarg); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:101:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(weight_file, optarg); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:145:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(borderstr, optarg); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:189:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:190:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:191:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind + 2]); data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:310:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
  strcpy(output_file, ofile);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:333:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Border value string (%s) cannot be interpreted as an integer or a set of polygon vertices",
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:358:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:366:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:376:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:387:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:408:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(area_file, output_file);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:443:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:468:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msg, "Input image projection (%s) must be TAN, SIN, ZEA, STG or ARC for fast reprojection", input.wcs->ptype);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:470:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:518:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msg, "Output image projection (%s) must be TAN, SIN, ZEA, STG or ARC for fast reprojection", output.wcs->ptype);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:520:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:527:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:554:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:809:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:823:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:834:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:869:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:880:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:948:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:958:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1326:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1413:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1446:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1453:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1466:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1479:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1497:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1510:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1529:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1537:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1551:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1559:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1567:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1575:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1583:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1593:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1601:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1609:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1617:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1625:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1651:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1681:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1704:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1717:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1778:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(line, "Template file [%s] not found.", filename);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1822:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(alt_input_header, headerStr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1917:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(alt_output_header, headerStr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1919:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template_header, headerStr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2025:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(line, linein);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2128:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image file %s missing or invalid FITS", filename);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2157:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Weight file %s missing or invalid FITS", weightfile);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2295:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2310:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, msg);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2392:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, strin);
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:87:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(weight_file, optarg);
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:131:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(borderstr, optarg);
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:171:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input_file, argv[optind]);
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:172:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, argv[optind + 1]);
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:173:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template_file, argv[optind + 2]);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:291:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, ofile);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:313:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Border value string (%s) cannot be interpreted as an integer or a set of polygon vertices",
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:338:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:346:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:366:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(area_file, output_file);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:399:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:784:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:794:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:805:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:814:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:863:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:872:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:886:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:901:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:920:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:935:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:955:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:964:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:978:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:986:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:994:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1004:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1012:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1022:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1030:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1043:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1051:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1059:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1069:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1077:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1087:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1095:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1261:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1270:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1299:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1314:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1570:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(line, linein);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1674:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image file %s missing or invalid FITS", filename);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1703:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Weight file %s missing or invalid FITS", weightfile);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1855:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1868:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, msg);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1962:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, strin);
data/montage-6.0+dfsg/MontageLib/PutHdr/mPutHdr.c:109:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input_file, argv[optind]);
data/montage-6.0+dfsg/MontageLib/PutHdr/mPutHdr.c:110:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, argv[optind + 1]);
data/montage-6.0+dfsg/MontageLib/PutHdr/mPutHdr.c:111:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template_file, argv[optind + 2]);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:152:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Cannot open template file %s.", template_file);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:192:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:255:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:269:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:287:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:308:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:316:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:324:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:340:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:398:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:414:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:444:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:451:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:496:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Image file %s missing or invalid FITS", filename);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:590:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:603:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, msg);
data/montage-6.0+dfsg/MontageLib/Shrink/mShrink.c:96:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input_file, argv[optind]);
data/montage-6.0+dfsg/MontageLib/Shrink/mShrink.c:97:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output_file, argv[optind + 1]);
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:209:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:229:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:241:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:326:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output.ctype1, input.ctype1);
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:327:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(output.ctype2, input.ctype2);
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:347:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(output.bunit, input.bunit); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:376:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:388:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:407:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:415:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:423:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:431:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:439:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:447:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:455:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:463:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:471:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:479:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:487:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:495:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:503:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:511:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:519:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:527:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:535:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:543:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:551:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:559:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:567:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:575:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:583:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:591:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:599:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:607:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:615:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:623:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:757:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:881:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:914:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1027:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1161:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1207:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1214:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1315:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "Image file %s missing or invalid FITS", fluxfile); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1359:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
else strcpy(input.ctype1, ctype1); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1365:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). else strcpy(input.ctype2, ctype2); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1509:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). else strcpy(input.bunit, bunit); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1534:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, status_str); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1547:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, msg); data/montage-6.0+dfsg/MontageLib/ShrinkCube/mShrinkCube.c:108:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/MontageLib/ShrinkCube/mShrinkCube.c:109:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 1]); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:212:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:224:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:313:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output.ctype1, input.ctype1); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:314:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output.ctype2, input.ctype2); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:336:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output.bunit, input.bunit); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:365:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:377:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:396:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:404:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:412:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:422:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:433:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:442:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:450:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:458:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:466:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:474:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:482:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:490:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:498:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:506:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:514:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:522:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:530:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:538:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:546:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:554:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:562:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:570:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:578:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:586:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:594:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:602:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:610:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:618:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:626:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:634:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:642:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:795:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:925:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:958:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1094:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1234:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1284:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1291:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1394:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msg, "Image file %s missing or invalid FITS", fluxfile);
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1450:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(input.ctype1, ctype1);
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1456:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(input.ctype2, ctype2);
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1606:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(input.bunit, bunit);
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1631:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1644:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, msg);
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:72:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(appname, argv[0]);
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:143:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(d3constraint, argv[i+1]);
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:151:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(d4constraint, argv[i+1]);
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:266:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile, argv[1]);
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:267:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outfile, argv[2]);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:177:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(params.dConstraint[0], d3constraint);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:181:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:229:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(params.dConstraint[1], d4constraint);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:233:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:325:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:341:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Image file %s missing or invalid FITS", infile);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:386:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:413:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:723:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Can't create output file: %s", outfile);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:755:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:782:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "content=\"%s\", warning=\"%s\"", content, warning);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:783:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_json, "{\"content\"=\"%s\", \"warning\"=\"%s\"}", content, warning);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:789:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "content=\"%s\", warning=\"%s\"", content, warning);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:790:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_json, "{\"content\"=\"%s\", \"warning\"=\"%s\"}", content, warning);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:794:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "content=\"%s\"", content);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:795:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_json, "{\"content\":\"%s\"}", content);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:800:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:801:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->json, montage_json);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:803:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->content, content);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:804:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->warning, warning);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1477:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(list, params->dConstraint[index]);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1529:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "Invalid range string [%s].", begin);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1539:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "Invalid range string [%s].", split);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1587:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:59:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(appname, argv[0]);
data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:180:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile, argv[1]);
data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:181:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outfile, argv[2]);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:209:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:219:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Image file %s missing or invalid FITS", infile);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:258:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:572:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Can't create output file: %s", outfile);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:604:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:622:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:629:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:635:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "content=\"%s\"", content);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:636:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->json, "{\"content\":\"%s\"}", content);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:638:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->content, content);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:1139:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/Subset/mSubset.c:85:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblfile, argv[optind]);
data/montage-6.0+dfsg/MontageLib/Subset/mSubset.c:86:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(template, argv[optind + 1]);
data/montage-6.0+dfsg/MontageLib/Subset/mSubset.c:87:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(subtbl, argv[optind + 2]);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:208:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkHdr);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:216:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Failed to open output %s", subtbl);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:228:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:252:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Invalid image metadata file: %s", tblfile);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:505:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input.ctype1, tval(ictype1));
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:506:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(input.ctype2, tval(ictype2));
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:537:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE1 = '%s'", input.ctype1 ); mSubset_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:538:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE2 = '%s'", input.ctype2 ); mSubset_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:582:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, checkWCS);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1187:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "%s", msg);
data/montage-6.0+dfsg/MontageLib/TANHdr/mTANHdr.c:162:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(origtmpl, argv[optind]);
data/montage-6.0+dfsg/MontageLib/TANHdr/mTANHdr.c:163:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newtmpl, argv[optind + 1]);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:228:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:236:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(returnStruct->msg, "Cannot open output template file %s", newtmpl);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:575:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:896:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1221:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "Bad template: %s", template);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1292:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cdelt1, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1297:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cdelt2, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1302:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(crota2, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1307:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cd11, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1312:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cd12, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1317:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cd21, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1322:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cd22, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1327:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pc11, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1332:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pc12, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1337:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pc21, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1342:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(pc22, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1347:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(epoch, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1352:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(equinox, value);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1406:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(montage_msgstr, "Bad template: %s", template);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1449:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, checkWCS);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1574:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE1 = '%s-TAN-SIP'", wcs->c1type);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1578:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CTYPE2 = '%s-TAN-SIP'", wcs->c2type);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1615:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CROTA2 = %s", crota2 );
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1622:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CD1_1 = %s", cd11 );
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1629:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CD1_2 = %s", cd12 );
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1636:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CD2_1 = %s", cd21 );
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1643:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "CD2_2 = %s", cd22 );
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1650:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "PC1_1 = %s", pc11 );
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1657:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "PC1_2 = %s", pc12 );
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1664:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "PC2_1 = %s", pc21 );
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1671:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "PC2_2 = %s", pc22 );
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1678:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "EPOCH = %s", epoch );
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1685:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "EQUINOX = %s", equinox );
data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:56:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(statfile, argv[i+1]);
data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:116:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(inputFile, argv[1]);
data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:124:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outputFile, argv[2]);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:160:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errstr, "Input image file %s missing or invalid FITS", inputFile);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:162:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:168:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:176:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:191:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:740:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:750:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:760:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:770:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:780:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:790:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:987:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1000:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1024:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(newcard, mTranspose_checkKeyword(keyname, card, naxis));
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1040:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1076:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1115:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1125:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1135:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1145:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1155:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1165:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1187:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1202:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->msg, montage_msgstr);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1203:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(returnStruct->json, montage_json);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1364:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(retstr, card);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1366:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(wcskey, wcs[i]);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1394:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(retstr, card);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1408:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, msg);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1426:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:70:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFile, argv[i+1]);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:85:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outFile, argv[i+1]);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:99:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(jsonStr, argv[i+1]);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:113:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(jsonFile, argv[i+1]);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:127:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fontFile, argv[i+1]);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:194:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(jsonStr, line);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:229:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cmdstr, argv[i]);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:915:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(label, dstr);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:921:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(label, mstr);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:931:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(label, sstr);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1013:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(label, hstr);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1023:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(label, mstr);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1033:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat(label, sstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:623:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fontfile, fontFile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:627:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fontfile, FONT_DIR); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:630:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fontfile, getenv("MONTAGE_FONT_DIR")); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:699:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pngfile, outFile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:702:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(jpegfile, outFile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:740:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(layout, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:746:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(layout, params); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:780:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:873:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:939:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Image file %s invalid FITS", grayfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:978:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1032:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Image file %s invalid FITS", redfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1071:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1125:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(returnStruct->msg, "Image file %s invalid FITS", greenfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1164:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1218:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Image file %s invalid FITS", bluefile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1276:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1329:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1362:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].file, valstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1369:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].scaleColumn, valstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1454:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].symSizeColumn, valstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1461:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].symShapeColumn, valstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1468:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].labelColumn, valstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1475:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].colorColumn, valstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1492:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1525:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].file, valstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1540:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1662:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1725:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(label[nlabel].text, valstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1829:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorstr, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1835:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1975:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(label[nlabel].text, argv[i+3]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2200:19: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(scaleColumn, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2241:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorColumn, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2265:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(symSizeColumn, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2289:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(symShapeColumn, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2313:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(labelColumn, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2334:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cat[ncat].scaleColumn, scaleColumn); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2336:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].file, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2341:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(cat[ncat].scaleColumn, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2375:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].colorColumn, colorColumn); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2376:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].labelColumn, labelColumn); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2377:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].symSizeColumn, symSizeColumn); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2378:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].symShapeColumn, symShapeColumn); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2437:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].file, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2456:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(cat[ncat].colorColumn, colorColumn); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2500:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayfile, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2515:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2531:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayhistfile, argv[i+3]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2536:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayminstr, argv[i+2]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2537:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(graymaxstr, argv[i+3]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2562:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(graybetastr, argv[i+5]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2602:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(returnStruct->msg, "Image file %s invalid FITS", grayfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2629:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redfile, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2644:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2660:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redhistfile, argv[i+3]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2666:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redminstr, argv[i+2]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2667:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redmaxstr, argv[i+3]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2692:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redbetastr, argv[i+5]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2731:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(returnStruct->msg, "Image file %s invalid FITS", redfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2758:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenfile, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2773:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2789:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenhistfile, argv[i+3]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2795:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenminstr, argv[i+2]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2796:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenmaxstr, argv[i+3]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2821:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenbetastr, argv[i+5]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2860:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(returnStruct->msg, "Image file %s invalid FITS", greenfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2887:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bluefile, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2902:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, checkHdr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2917:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bluehistfile, argv[i+3]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2923:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(blueminstr, argv[i+2]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2924:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bluemaxstr, argv[i+3]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2949:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bluebetastr, argv[i+5]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2988:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(returnStruct->msg, "Image file %s invalid FITS", bluefile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3016:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pngfile, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3031:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(jpegfile, argv[i+1]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3037:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Error opening output file '%s'", jpegfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3049:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid 'directive': %s (probably a misplaced argument)", argv[i]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3051:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid directive: %s", argv[i]); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3071:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenfile, redfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3078:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(greenminstr, redminstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3079:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenmaxstr, redmaxstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3083:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenbetastr, redbetastr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3306:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "WCS init failed for [%s].", redfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3465:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "WCS init failed for [%s].", greenfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3556:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "WCS init failed for [%s].", bluefile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3739:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3753:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3788:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3802:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3837:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3851:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:4469:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "WCS init failed for [%s].", grayfile); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:4643:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:4658:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5001:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid table file [%s].", cat[i].file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5015:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot find 'ra' and 'dec (or 'lon','lat') in table [%s]", cat[i].file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5032:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot find flux/mag column [%s] in table [%s]", cat[i].scaleColumn, cat[i].file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5050:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot find color column [%s] in table [%s]", cat[i].colorColumn, cat[i].file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5068:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot find symbol size column [%s] in table [%s]", cat[i].symSizeColumn, cat[i].file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5086:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot find symbol shape column [%s] in table [%s]", cat[i].symShapeColumn, cat[i].file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5104:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(returnStruct->msg, "Cannot find label column [%s] in table [%s]", cat[i].labelColumn, cat[i].file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5149:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorstr, tval(icolor)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5154:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5170:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(symbolstr, tval(isymsize)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5215:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(symbolstr, tval(isymshape)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5303:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(labelstr, tval(ilabel)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5342:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Invalid table file [%s].\" ]\n", cat[i].file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5360:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(returnStruct->msg, "Cannot find color column [%s] in table [%s]", cat[i].colorColumn, cat[i].file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5421:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "Cannot find 'ra1', 'dec1', etc. corners or WCS columns in table [%s]\n", cat[i].file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5446:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorstr, tval(icolor)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5451:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, montage_msgstr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5477:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(im_ctype1, tval(ictype1)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5478:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(im_ctype2, tval(ictype2)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5500:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", im_ctype1 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5501:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(temp, "CTYPE2 = '%s'", im_ctype2 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5719:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->msg, lodepng_error_text(pngError)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5734:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "type=\"color\", width=%d, height=%d, bmin=%-g, bminpercent=%.2f, bminsigma=%2f, bmax=%-g, bmaxpercent=%.2f, bmaxsigma=%.2f, gmin=%-g, gminpercent=%.2f, gminsigma=%.2f, gmax=%-g, gmaxpercent=%.2f, gmaxsigma=%.2f, rmin=%-g, rminpercent=%.2f, rminsigma=%.2f, rmax=%-g, rmaxpercent=%.2f, rmaxsigma=%.2f, rdatamin=%-g, rdatamax=%-g, gdatamin=%-g, gdatamax=%-g, bdatamin=%-g, bdatamax=%-g, xflip=%d, yflip=%d, bunit=\"%s\"", data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5748:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->json, "\"type\":\"color\", \"width\":%d, \"height\":%d, \"bmin\":%-g, \"bminpercent\":%.2f, \"bminsigma\":%2f, \"bmax\":%-g, \"bmaxpercent\":%.2f, \"bmaxsigma\":%.2f, \"gmin\":%-g, \"gminpercent\":%.2f, \"gminsigma\":%.2f, \"gmax\":%-g, \"gmaxpercent\":%.2f, \"gmaxsigma\":%.2f, \"rmin\":%-g, \"rminpercent\":%.2f, \"rminsigma\":%.2f, \"rmax\":%-g, \"rmaxpercent\":%.2f, \"rmaxsigma\":%.2f, \"rdatamin\":%-g, \"rdatamax\":%-g, \"gdatamin\":%-g, \"gdatamax\":%-g, \"bdatamin\":%-g, \"bdatamax\":%-g, \"xflip\":%d, \"yflip\":%d, \"bunit\":\"%s\"}", data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5802:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->bunit, bunit); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5806:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->msg, "type=\"grayscale\", width=%d, height=%d, min=%-g, minpercent=%.2f, minsigma=%.2f, max=%-g, maxpercent=%.2f, maxsigma=%.2f, datamin=%-g, datamax=%-g, xflip=%d, yflip=%d, bunit=\"%s\", colortable=%d", data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5814:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(returnStruct->json, "\"type\":\"grayscale\", \"width\":%d, \"height\":%d, \"min\":%-g, \"minpercent\":%.2f, \"minsigma\":%.2f, \"max\":%-g, \"maxpercent\":%.2f, \"maxsigma\":%.2f, \"datamin\":%-g, \"datamax\":%-g, \"xflip\":%d, \"yflip\":%d, \"bunit\":\"%s\", \"colortable\":%d", data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5862:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(returnStruct->bunit, bunit); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6072:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorstr, colorin); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6075:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorstr, colorin+1); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6341:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(montage_msgstr, status_str); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6629:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "leading numeric term in %s '%s' cannot be converted to a finite floating point number", data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6642:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "'%s' is not a valid %s", str, kind); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6654:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "'%s': negative percentile %s", str, kind); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6658:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "'%s': percentile %s larger than 100", str, kind); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6675:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "'%s' is not a valid %s", str, kind); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6689:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "extra numeric term in %s '%s' cannot be converted to a finite floating point number", data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6694:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(montage_msgstr, "%s '%s' contains trailing junk", kind, str); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6701:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(montage_msgstr, "%s '%s' contains trailing junk", kind, str); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7056:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %d", label, type); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7061:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf %lf", label, minval, maxval); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7066:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf %lf", label, datamin, datamax); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7069:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf %lf", label, median, sigma); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7073:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf", label, &rmin); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7076:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). 
Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf", label, &rmax); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7079:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf", label, &delta); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7082:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lu", label, &npix); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7089:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf", label, dataval+i); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7098:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf %d %lf %lf", label, datalev+i, hist+i, chist+i, gausslev+i); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7274:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7373:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7376:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7378:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:RDF xmlns:rdf=\"http://www.w3.org/1999/02/22-rdf-syntax-ns#\">\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7379:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:Description rdf:about=\"\"\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7380:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " xmlns:avm=\"http://www.communicatingastronomy.org/avm/1.0/\">\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7381:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:MetadataVersion>1.1</avm:MetadataVersion>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7382:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Type>Observation</avm:Type>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7383:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.Quality>Full</avm:Spatial.Quality>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7384:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(line, " <avm:Spatial.CoordinateFrame>%s</avm:Spatial.CoordinateFrame>\n", csys); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7384:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.CoordinateFrame>%s</avm:Spatial.CoordinateFrame>\n", csys); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7385:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.Equinox>%.1f</avm:Spatial.Equinox>\n", equinox); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7386:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(line, " <avm:Spatial.CoordsystemProjection>%s</avm:Spatial.CoordsystemProjection>\n", proj); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7386:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.CoordsystemProjection>%s</avm:Spatial.CoordsystemProjection>\n", proj); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7387:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.Rotation>%.10e</avm:Spatial.Rotation>\n", crota2); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7388:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.ReferenceDimension>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7389:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7390:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(line, " <rdf:li>%d</rdf:li>\n", naxis1); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7391:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%d</rdf:li>\n", naxis2); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7392:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7393:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </avm:Spatial.ReferenceDimension>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7394:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.ReferenceValue>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7395:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7396:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crval1); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7397:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crval2); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7398:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7399:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </avm:Spatial.ReferenceValue>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7400:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.ReferencePixel>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7401:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7402:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crpix1); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7403:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crpix2); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7404:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7405:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </avm:Spatial.ReferencePixel>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7406:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.Scale>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7407:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7408:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", xinc); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7409:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", yinc); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7410:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7411:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </avm:Spatial.Scale>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7412:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(line, " </rdf:Description>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7413:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:RDF>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7414:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, "</x:xmpmeta>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7419:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(comment, line); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWT.c:39:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tileID, argv[1]); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWT.c:40:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outFile, argv[2]); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:64:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hdrDir, argv[2]); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:110:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "mHdrWWT \"\" %s/tile%s.hdr", hdrDir, hdrStr); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:120:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(status, svc_value("stat")); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:156:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(hdrStr, "%s%d", instr, i); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:158:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mHdrWWT %s %s/tile%s.hdr", hdrStr, hdrDir, hdrStr); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:168:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(status, svc_value("stat")); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:88:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(baseName, argv[3]); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:89:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayDir, argv[4]); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:90:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(grayHist, argv[5]); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:91:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pngDir, argv[6]); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:109:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(baseName, argv[3]); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:111:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(blueDir, argv[4]); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:112:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(blueHist, argv[5]); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:113:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenDir, argv[6]); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:114:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenHist, argv[7]); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:115:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
    strcpy(redDir, argv[8]);
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:116:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(redHist, argv[9]);
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:117:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(pngDir, argv[10]);
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:296:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mViewer -ct %d -gray %s/%s%s.fits -histfile %s -out %s/%s%s.png",
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:301:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mViewer -t %d -blue %s/%s%s.fits -histfile %s -green %s/%s%s.fits -histfile %s -red %s/%s%s.fits -histfile %s -out %s/%s%s.png",
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:317:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(status, svc_value("stat"));
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:352:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(tileStr, "%s%d", instr, i);
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:356:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mViewer -ct %d -gray %s/%s%s.fits -histfile %s -out %s/%s%s.png",
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:361:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mViewer -t %d -blue %s/%s%s.fits -histfile %s -green %s/%s%s.fits -histfile %s -red %s/%s%s.fits -histfile %s -out %s/%s%s.png",
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:377:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(status, svc_value("stat"));
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:60:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(fitsFile, argv[2]);
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:61:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(baseName, argv[3]);
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:62:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(hdrDir, argv[4]);
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:63:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(tileDir, argv[5]);
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:142:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mProjectQL %s %s/%s%s.fits %s/tile%s.hdr",
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:153:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(status, svc_value("stat"));
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:188:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(tileStr, "%s%d", instr, i);
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:190:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mProjectQL %s %s/%s%s.fits %s/tile%s.hdr",
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:201:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(status, svc_value("stat"));
data/montage-6.0+dfsg/MontageLib/mJupyter.c:34:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(module, argv[1]);
data/montage-6.0+dfsg/MontageLib/mJupyter.c:39:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(fileOut, "%s/m%s.ipynb", module, module);
data/montage-6.0+dfsg/MontageLib/mJupyter.c:118:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "m%s", module);
data/montage-6.0+dfsg/MontageLib/mJupyter.c:124:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(message, svc_value("msg"));
data/montage-6.0+dfsg/MontageLib/mJupyter.c:145:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(fileIn, "%s/montage%s.c", module, module);
data/montage-6.0+dfsg/MontageLib/mJupyter.c:218:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(pattern, "struct m%sReturn", module);
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:28:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(module, argv[1]);
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:33:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(fileOut, "%s/m%sLib.html", module, module);
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:55:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(fileIn, "%s/montage%s.c", module, module);
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:119:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(pattern, "struct m%sReturn", module);
data/montage-6.0+dfsg/MontageLib/test/example.c:15:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(infile, argv[1]);
data/montage-6.0+dfsg/MontageLib/test/example.c:16:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(template, argv[3]);
data/montage-6.0+dfsg/MontageLib/test/example.c:21:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(outfile, "%s", argv[2]);
data/montage-6.0+dfsg/MontageLib/test/example.c:31:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
    sprintf(outfile, "PP%s", argv[2]);
data/montage-6.0+dfsg/MontageLib/test/example.c:41:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(outfile, "QL%s", argv[2]);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:215:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(montage_msgstr, "FITS file (%s) cannot be used as a header template", infile);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:253:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(tmpstr, fitsvalue+1);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:259:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(tmpstr, fitsvalue);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:263:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(line, "%-8s= %20s", fitskeyword, fitsvalue);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:291:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(montage_msgstr, "File %s not found.", infile);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:297:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(montage_msgstr, "File (%s) is not a FITS image", infile);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:305:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(montage_msgstr, "File %s not found.", infile);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:320:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(pline, line);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:670:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(ctype1, value);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:676:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(ctype2, value);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:912:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(montage_msgstr, msg);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:927:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(montage_msgstr, status_str);
data/montage-6.0+dfsg/MontageLib/util/filePath.c:51:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(base, path);
data/montage-6.0+dfsg/MontageLib/util/filePath.c:61:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(base, ptr);
data/montage-6.0+dfsg/ancillary/HPXcvt.c:172:37: [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
    if (strcmp(hpxdat.infile, "-") && access(hpxdat.infile, R_OK) == -1) {
data/montage-6.0+dfsg/ancillary/HPXcvt.c:575:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(history, "Original input file: %s", hpxdat->infile);
data/montage-6.0+dfsg/ancillary/HPXcvt.c:579:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(history, " Original ordering: %s",
data/montage-6.0+dfsg/ancillary/HPXcvt.c:831:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cval, "%s-%s", ctype1, pcode);
data/montage-6.0+dfsg/ancillary/HPXcvt.c:832:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(comment, "%s in an %s projection", descr1, pcode);
data/montage-6.0+dfsg/ancillary/HPXcvt.c:834:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cval, "%s-%s", ctype2, pcode);
data/montage-6.0+dfsg/ancillary/HPXcvt.c:835:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(comment, "%s in an %s projection", descr2, pcode);
data/montage-6.0+dfsg/ancillary/HPXcvt.c:851:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(comment, "[deg] %s at the reference point", descr1);
data/montage-6.0+dfsg/ancillary/HPXcvt.c:853:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(comment, "[deg] %s at the reference point", descr2);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:42:7: [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
    char *mktemp (char *template);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:310:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(hdrtext, optarg);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:314:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(hdrfile, optarg);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:318:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(savefile, optarg);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:326:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(label, optarg);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:330:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(logaddr, optarg);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:346:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(survey, argv[optind]);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:347:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(band, argv[optind+1]);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:350:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(workspace, argv[optind+2]);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:355:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(workspace, (char *)mktemp(template));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:355:33: [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
    strcpy(workspace, (char *)mktemp(template));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:362:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(temp, cwd);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:370:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(temp, workspace);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:372:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(workspace, temp);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:388:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:392:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf( msg, "Sorry, the results storage system at SDSC is currently unavailable [Error %s]",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:401:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:405:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf( msg, "Sorry, the results storage system at SDSC appears to be experiencing difficulties [Error %s]",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:419:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(msgfile, "%s/msg.html", workspace);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:425:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(msg, "Can't open workspace header template file: [%s]",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:457:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(msg, "Can't open original header template file: [%s]",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:463:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "%s/region.hdr", workspace);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:469:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(msg, "Can't open workspace header template file: [%s]",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:503:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "%s/region.hdr", workspace);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:509:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(msg, "Can't open workspace header template file: [%s]",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:806:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mArchiveList -s gpfs %s %s \"%.4f %.4f eq j2000\" %.2f %.2f remote.tbl",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:817:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:821:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:828:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:837:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf( msg, "%s has no data covering this area", survey);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:850:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mNotifyTG %s \"%s\"",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:904:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(url, tval(iurl));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:905:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(fname, tval(ifname));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:909:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(gpfsname, "/gpfs-wan/2MASS-unzipped%s", ptr+9);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:923:6: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(msg, "Can't open archive file: [%s]", gpfsname);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:932:6: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(msg, "Can't open archive file copy file: [%s]", fname);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:960:6: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mNotifyTG %s \"%s\"",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:991:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:995:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1002:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1029:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mNotifyTG %s \"%s\"",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1092:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1096:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy (msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1155:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy ( infile, tval(ifname));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1156:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(outfile, "p%s", infile);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1174:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
    sprintf(path, "raw/%s", infile);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1202:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mGetHdr %s orig.hdr", path);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1212:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1216:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1231:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1235:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1281:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mProjectPP -b 1 -i altin.hdr -o altout.hdr raw/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1285:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mProjectPP -b 1 -i altin.hdr raw/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1289:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mProjectPP -b 1 -o altout.hdr raw/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1293:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mProjectPP -b 1 raw/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1297:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mProject -b 1 raw/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1308:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1314:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1321:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1331:6: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(msg, tval(ifname));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1337:6: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(msg, tval(ifname));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1349:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "raw/%s", infile);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1360:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mNotifyTG %s \"%s\"",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1387:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mNotifyTG %s \"%s\"",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1433:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1437:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1450:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mNotifyTG %s \"%s\"",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1512:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(fname1, tval(ifname1));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1513:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(fname2, tval(ifname2));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1514:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(diffname, tval(idiffname));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1516:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mDiff projected/%s projected/%s diffs/%s big_region.hdr", fname1, fname2, diffname);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1528:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1536:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1542:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(cmd, "mFitplane diffs/%s", diffname);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1552:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1556:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1596:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "diffs/%s", diffname); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1599:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(areafile, cmd); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1613:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mNotifyTG %s \"%s\"", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1653:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1657:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1670:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mNotifyTG %s \"%s\"", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1716:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file[index], tval(ifname)); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1777:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(astr, tval(ia)); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1778:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bstr, tval(ib)); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1779:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cstr, tval(ic)); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1781:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(corrected, file[i]); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1788:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mBackground projected/%s corrected/%s %s %s %s", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1801:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1809:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1817:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "projected/%s", file[i]); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1820:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(areafile, cmd); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1834:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mNotifyTG %s \"%s\"", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1855:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mNotifyTG %s \"%s\"", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1899:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1903:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1933:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1937:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1950:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mNotifyTG %s \"%s\"", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1981:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "Can't open save file: [%s]", savefile); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2028:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(infile, "corrected/%s", tval(ifname)); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2034:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(areafile, infile); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2080:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(infile, "projected/%s", tval(ifname)); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2086:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(areafile, infile); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2126:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2130:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2142:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mNotifyTG %s \"%s\"", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2168:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fitsurl, subdir); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2169:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(urlbase, subdir); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2170:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(urlcoded, subdir); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2290:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2294:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( msg, "Sorry, the results storage system at SDSC is now unavailable [Error %s]", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2299:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "sput.sh -r %s %s", subdir, subdir); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2309:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2313:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( msg, "Sorry, the results storage system at SDSC is not accepting downloads unavailable [Error %s]", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2318:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "schmod.sh -r r public nvo /NVOzone/home/jcg.nvo/%s", subdir); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2328:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2332:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( msg, "Sorry, the results storage system at SDSC is not responding [Error %s]", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2347:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2351:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( msg, "There is some problem with the results storage system at SDSC. 
Some data may be compromised [Error %s]", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2358:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mNotifyTG %s \"%s\"", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2376:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "rm -rf %s", workspace); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2384:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2408:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mNotifyTG %s \"%s\"", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2437:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msgstr, "ERROR: %s", str); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2439:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mNotifyTG %s \"%s\"", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2490:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "FITS error: %s (%d); File = %s", data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:67:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(constraint, "directory=%s&msg=%s", directory, msg); data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:77:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(request, "GET %s%s HTTP/1.0\r\nHOST: %s:%d\r\n\r\n", data/montage-6.0+dfsg/grid/Pegasus/hashtable.c:252:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hashtable->subkey, key); data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:137:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:138:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fitfile, argv[optind + 1]); data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:139:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(statdir, argv[optind + 2]); data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:199:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(statfile, statdir); data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:201:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(statfile, tval(istatfile)); data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:229:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( status, svc_val(line, "stat", val)); data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:233:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_val(line, "msg", val )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:228:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(timestr, ctime((const time_t *)(&timeval))); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:273:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(survey, argv[2]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:274:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(band, argv[3]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:275:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hdrFile, argv[4]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:276:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(workdir, argv[5]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:277:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(workurlbase, argv[6]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:279:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(urlbase, argv[7]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:291:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(survey, argv[1]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:292:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(band, argv[2]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:293:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mosaicCenter, argv[3]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:294:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mosaicWidth, argv[4]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:295:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mosaicHeight, argv[5]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:296:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(mosaicCdelt, argv[6]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:297:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(workdir, argv[7]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:298:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(workurlbase, argv[8]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:300:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(urlbase, argv[9]); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:428:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(hdrFile, "%s/region.hdr", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:477:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(hdrFile, "%s/big_region.hdr", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:528:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mArchiveList %s %s \"%s\" %.2f %.2f %s/images.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:531:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mArchiveList %s %s \"%s\" %.2f %.2f %s/images.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:542:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:546:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:553:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:562:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( msg, "%s has no data covering this area", survey); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:574:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mDAGTbls %s/images.tbl %s/big_region.hdr %s/rimages.tbl %s/pimages.tbl %s/cimages.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:577:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mDAGTbls %s/images.tbl %s/big_region.hdr %s/rimages.tbl %s/pimages.tbl %s/cimages.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:589:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:593:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:605:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mOverlaps %s/rimages.tbl %s/diffs.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:608:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, " mOverlaps %s/rimages.tbl %s/diffs.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:619:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:623:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:676:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(hdrFile, "%s/shrunken.hdr", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:733:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/slist.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:751:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mTileHdr %s/region.hdr %s/region_%d_%d.hdr %d %d %d %d %d %d", data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:754:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mTileHdr %s/region.hdr %s/region_%d_%d.hdr %d %d %d %d %d %d", data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:765:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:769:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:775:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mSubset -f %s/cimages.tbl %s/region_%d_%d.hdr %s/cimages_%d_%d.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:778:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mSubset -f %s/cimages.tbl %s/region_%d_%d.hdr %s/cimages_%d_%d.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:789:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:793:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:817:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/dag.xml", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:820:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/cache.list", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:823:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "%s/url.list", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:855:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/images.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:894:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/rimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:924:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/pimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:942:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:963:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/diffs.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:973:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/statfile.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:977:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmt, "|%%7s|%%7s|%%22s|\n"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:978:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(dfmt, " %%7d %%7d %%22s \n"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:980:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
fprintf(ffit, fmt, "cntr1", "cntr2", "stat"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:981:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(ffit, fmt, "int", "int", "char"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:995:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:999:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fitname, "fit%s.txt", fname+4); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1003:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(ffit, dfmt, cntr1, cntr2, fitname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1029:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/cimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1046:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1158:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/rimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1178:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1192:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1200:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key, "p%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1227:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/diffs.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1251:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(plusname, tval(iplusname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1252:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(minusname, tval(iminusname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1278:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "p%s.fits", plusname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1289:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "p%s.fits", minusname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1339:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/diffs.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1411:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "%s/rimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1426:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1442:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "p%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1463:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key, "c%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1517:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/cimages_%d_%d.tbl", workdir, i, j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1532:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1540:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1573:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/cimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1588:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1596:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(val, "%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1655:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/cimages_%d_%d.tbl", workdir, i, j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1670:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1681:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1720:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/cimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1735:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1746:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1984:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fileList, "%s/files.lis", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1985:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(parentList, "%s/parents.lis", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1986:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(sortedParent, "%s/sortedParents.lis", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2064:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mTblSort %s parent %s", path, parentList, sortedParent); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2066:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mTblSort %s parent %s", parentList, sortedParent); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2070:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2074:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2324:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(constraint, "objstr=%s", objStr); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2334:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET %s%s HTTP/1.1\r\nHOST: %s:%d\r\n\r\n", data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:88:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(constraint, "survey=%s&loc=%s&width=%s&height=%s&band=%s&suffix=%s&contact=%s", surveystr, locstr, widthstr, heightstr, band, suffix, contact); data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:107:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(request, "GET %s%s HTTP/1.0\r\nHOST: %s:%d\r\n\r\n", data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:203:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(timestr, ctime((const time_t *)(&timeval))); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:239:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(survey, argv[1]); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:240:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(band, argv[2]); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:241:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mosaicCentLon, argv[3]); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:242:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mosaicCentLat, argv[4]); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:243:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mosaicWidth, argv[5]); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:244:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mosaicHeight, argv[6]); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:245:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mosaicCdelt, argv[7]); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:246:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(workdir, argv[8]); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:247:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(workurlbase, argv[9]); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:248:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(urlbase, argv[10]); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:277:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(hdrFile, "%s/region.hdr", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:323:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(hdrFile, "%s/big_region.hdr", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:374:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "%s/bin/mArchiveList %s %s \"%s %s gal\" %.2f %.2f %s/images.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:378:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mArchiveList %s %s \"%s %s gal\" %.2f %.2f %s/images.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:390:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:394:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:401:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:410:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( msg, "%s has no data covering this area", survey); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:422:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mDAGTbls %s/images.tbl %s/big_region.hdr %s/rimages.tbl %s/pimages.tbl %s/cimages.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:425:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "mDAGTbls %s/images.tbl %s/big_region.hdr %s/rimages.tbl %s/pimages.tbl %s/cimages.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:437:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:441:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:453:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mOverlaps %s/rimages.tbl %s/diffs.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:456:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, " mOverlaps %s/rimages.tbl %s/diffs.tbl", data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:467:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:471:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:512:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "%s/dag.xml", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:515:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/cache.list", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:518:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/url.list", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:551:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/images.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:590:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/rimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:620:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/pimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:638:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:659:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/diffs.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:669:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/statfile.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:673:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(fmt, "|%%7s|%%7s|%%22s|\n"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:674:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(dfmt, " %%7d %%7d %%22s \n"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:676:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(ffit, fmt, "cntr1", "cntr2", "stat"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:677:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(ffit, fmt, "int", "int", "char"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:691:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:695:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fitname, "fit%s.txt", fname+4); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:699:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(ffit, dfmt, cntr1, cntr2, fitname); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:725:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/cimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:742:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:809:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/rimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:829:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:843:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:850:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key, "p%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:877:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/diffs.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:901:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(plusname, tval(iplusname)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:902:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(minusname, tval(iminusname)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:928:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(val, "p%s.fits", plusname); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:939:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "p%s.fits", minusname); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:989:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/diffs.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1061:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/rimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1076:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1092:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "p%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1113:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(key, "c%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1159:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/cimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1174:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1182:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1228:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/cimages.tbl", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1243:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1254:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "%s.fits", fname); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1355:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fileList, "%s/files.lis", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1356:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(parentList, "%s/parents.lis", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1357:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(sortedParent, "%s/sortedParents.lis", workdir); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1435:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mTblSort %s parent %s", path, parentList, sortedParent); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1437:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "mTblSort %s parent %s", parentList, sortedParent); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1441:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1445:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1695:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(constraint, "objstr=%s", objStr); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1705:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET %s%s HTTP/1.1\r\nHOST: %s:%d\r\n\r\n", data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:200:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(origimg_file, argv[optind]); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:201:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind + 1]); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:202:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(rawimg_file, argv[optind + 2]); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:203:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(projimg_file, argv[optind + 3]); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:204:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(corrimg_file, argv[optind + 4]); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:323:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input.fname, fileName(tval(ifname))); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:347:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmt, "|%%5s|%%8s|%%8s|%%6s|%%6s|%%10s|%%10s|%%10s|%%10s|%%11s|%%11s|%%8s|%%7s|%%10s|%%%ds|\n", namelen+2); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:349:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fraw, fmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:366:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fraw, fmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:385:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(fmt, "|%%5s|%%8s|%%8s|%%6s|%%6s|%%10s|%%10s|%%10s|%%10s|%%11s|%%11s|%%8s|%%7s|%%%ds|\n", namelen+2); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:388:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fraw, fmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:404:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fraw, fmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:430:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmt, "|%%5s|%%8s|%%8s|%%6s|%%6s|%%10s|%%10s|%%10s|%%10s|%%11s|%%11s|%%8s|%%7s|%%%ds|\n", namelen+2); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:432:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fproj, fmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:448:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fproj, fmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:474:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fcorr, fmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:490:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fcorr, fmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:516:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(rfmt, " %%5d %%8s %%8s %%6d %%6d %%10.6f %%10.6f %%10.2f %%10.2f %%11.8f %%11.8f %%8.5f %%7.0f %%10s %%%ds\n", namelen+2); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:518:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rfmt, " %%5d %%8s %%8s %%6d %%6d %%10.6f %%10.6f %%10.2f %%10.2f %%11.8f %%11.8f %%8.5f %%7.0f %%%ds\n", namelen+2); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:520:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(pfmt, " %%5d %%8s %%8s %%6d %%6d %%10.6f %%10.6f %%10.2f %%10.2f %%11.8f %%11.8f %%8.5f %%7.0f p%%%ds\n", namelen+2); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:522:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cfmt, " %%5d %%8s %%8s %%6d %%6d %%10.6f %%10.6f %%10.2f %%10.2f %%11.8f %%11.8f %%8.5f %%7.0f c%%%ds\n", namelen+2); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:533:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input.ctype1, tval(ictype1)); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:534:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input.ctype2, tval(ictype2)); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:566:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", input.ctype1 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:567:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(temp, "CTYPE2 = '%s'", input.ctype2 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:593:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input.fname, fileName(tval(ifname))); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:596:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(scale, tval(iscale)); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:841:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ofile, input.fname); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:886:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fraw, rfmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:905:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fraw, rfmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:922:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fproj, pfmt, data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:938:7: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fcorr, cfmt, data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:151:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file1, argv[optind]); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:152:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file2, argv[optind + 1]); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:153:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 2]); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:154:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind + 3]); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:166:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mDiff -n %s %s %s %s", path, input_file1, input_file2, data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:169:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mDiff -n %s %s %s %s", input_file1, input_file2, data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:173:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mDiff %s %s %s %s", path, input_file1, input_file2, data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:176:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmd, "mDiff %s %s %s %s", input_file1, input_file2, data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:188:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:193:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:212:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:226:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mFitplane -b %d %s", path, border, output_file); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:228:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mFitplane -b %d %s", border, output_file); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:238:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:243:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:253:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:263:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(a, svc_value("a")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:264:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(b, svc_value("b")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:265:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(c, svc_value("c")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:266:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(crpix1, svc_value("crpix1")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:267:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(crpix2, svc_value("crpix2")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:268:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(xmin, svc_value("xmin")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:269:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xmax, svc_value("xmax")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:270:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ymin, svc_value("ymin")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:271:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ymax, svc_value("ymax")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:272:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xcenter, svc_value("xcenter")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:273:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ycenter, svc_value("ycenter")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:274:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(npixel, svc_value("npixel")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:275:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(rms, svc_value("rms")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:276:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boxx, svc_value("boxx")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:277:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boxy, svc_value("boxy")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:278:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boxwidth, svc_value("boxwidth")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:279:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boxheight, svc_value("boxheight")); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:280:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boxang, svc_value("boxang")); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:101:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET %s HTTP/1.0\r\nHOST: %s:%d\r\n\r\n", data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:202:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "POST %s HTTP/1.0\r\n",base); data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:71:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(constraint, "jobid=%s&userid=%s&dataurl=%s", jobid, userid, dataurl); data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:81:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET %s%s HTTP/1.0\r\nHOST: %s:%d\r\n\r\n", data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:54:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(urlbase, argv[1]); data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:55:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filebase, argv[2]); data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:56:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(locstr, argv[3]); data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:57:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(size, argv[4]); data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:58:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(band, argv[5]); data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:77:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(outfile, argv[8]); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:144:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file1, argv[optind]); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:145:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file2, argv[optind + 1]); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:146:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind + 2]); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:147:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind + 3]); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:159:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mDiff -n %s %s %s %s", path, input_file1, input_file2, data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:162:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mDiff -n %s %s %s %s", input_file1, input_file2, data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:166:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mDiff %s %s %s %s", path, input_file1, input_file2, data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:169:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mDiff %s %s %s %s", input_file1, input_file2, data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:181:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:186:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:196:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:210:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s/bin/mFitplane -b %d %s", path, border, output_file); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:212:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mFitplane -b %d %s", border, output_file); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:222:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:227:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:237:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:247:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(a, svc_value("a")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:248:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(b, svc_value("b")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:249:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(c, svc_value("c")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:250:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(crpix1, svc_value("crpix1")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:251:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(crpix2, svc_value("crpix2")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:252:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(xmin, svc_value("xmin")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:253:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xmax, svc_value("xmax")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:254:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ymin, svc_value("ymin")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:255:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ymax, svc_value("ymax")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:256:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xcenter, svc_value("xcenter")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:257:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ycenter, svc_value("ycenter")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:258:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(npixel, svc_value("npixel")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:259:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(rms, svc_value("rms")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:260:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boxx, svc_value("boxx")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:261:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boxy, svc_value("boxy")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:262:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boxwidth, svc_value("boxwidth")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:263:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boxheight, svc_value("boxheight")); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:264:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(boxang, svc_value("boxang")); data/montage-6.0+dfsg/lib/src/coord/ccalc.c:410:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(clon,"%s%02dh %02dm %02.0fs", (sign? "-":""), hr, hmin, hsec); data/montage-6.0+dfsg/lib/src/coord/ccalc.c:412:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(clon,"%s%02dh %02dm %0*.*fs", (sign? 
"-":""), hr, hmin, data/montage-6.0+dfsg/lib/src/coord/ccalc.c:421:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(clat,"%s%02dd %02dm %02.0fs", (sign? "-":"+"), deg, dmin, data/montage-6.0+dfsg/lib/src/coord/ccalc.c:424:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(clat,"%s%02dd %02dm %0*.*fs", (sign? "-":"+"), deg, dmin, data/montage-6.0+dfsg/lib/src/coord/ccalc.c:600:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp,string); data/montage-6.0+dfsg/lib/src/coord/decimalDegreeToSex.c:186:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lonstr, "%s%02dh %02dm %05.2fs", (neg? "-":""), h, m, s); data/montage-6.0+dfsg/lib/src/coord/decimalDegreeToSex.c:197:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(latstr, "%s%02dd %02dm %05.2fs", (neg? "-":""), d, m, s); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:122:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epoch, cmdv[i]); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:127:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epoch, cmdv[i]); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:211:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(lonstr, cmdv[i]); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:213:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(latstr, cmdv[i]); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:297:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(lonstr, cmdv[i]); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:318:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(latstr, cmdv[i]); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:324:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(csys, sysname[sys]); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:325:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cfmt, fmtstring[fmt]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:47:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(crain, cra); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:48:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cdecin, cdec); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:66:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(coordin, crain); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:124:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmph , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:133:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpm , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:139:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpm , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:149:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmps , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:155:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmps , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:161:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tmps , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:176:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmph , subst[0]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:177:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpm , subst[1]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:178:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmps , subst[2]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:183:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpm , subst[0]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:184:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmps , subst[1]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:188:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmps , subst[0]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:196:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tmpm , subst[0]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:197:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmps , subst[1]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:201:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpm , subst[0]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:208:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmps , subst[0]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:260:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(teststr, coordin); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:290:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(coordin, cdecin); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:340:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpd , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:349:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tmpm , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:355:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpm , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:365:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmps , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:371:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmps , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:377:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmps , p); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:391:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpd , subst[0]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:392:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpm , subst[1]); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:393:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
  strcpy(tmps , subst[2]);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:398:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpm , subst[0]);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:399:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmps , subst[1]);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:403:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmps , subst[0]);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:413:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpm , subst[0]);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:414:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpm , subst[0]);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:415:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmps , subst[1]);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:419:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpm , subst[0]);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:427:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmps , subst[0]);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:476:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(teststr, coordin);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:71:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, instr);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:270:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(json->key[json->count], key);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:273:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(json->val[json->count], val);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:287:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(json->val[json->count], key);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:449:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(subkey, key);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:468:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tail, subkey + i + 1);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:488:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(val, sv->val[i]);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:495:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(val, subval);
data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:889:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/data2/act%1d.dat", cdpath, regnum);
data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:893:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/data1/act%04d.dat", cdpath, regnum);
data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:926:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, actfile);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:135:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:278:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:321:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (tstring, degform, deg1);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:325:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (tstring, degform, (int)deg1);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:331:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:356:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (string, numform, num);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:360:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (string, numform, (int)num);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:366:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (string, numform, num);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:157:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (str, sc->caturl);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:351:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:385:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:419:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:517:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (str, starcat->caturl);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:631:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:945:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bindir, str);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:956:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bindir, str);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:967:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bindir, str);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:978:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bindir, str);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:989:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bindir, str);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:999:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bindir, str);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1020:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (binpath, bindir);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1022:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (binpath, bincat);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1030:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (binpath, bincat);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1125:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->incdir, bindir);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1126:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->incfile, bincat);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1135:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, binfile);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:238:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (title, "USNO %s Stars", refcatname);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:433:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (title, "USNO %s Stars", refcatname);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:436:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (title, refcatname);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:448:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (title, refcatname);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:464:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (title, refcatname);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:770:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (catname, "%s sources", refcatname);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:963:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (progpath, progpath0);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1294:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (numstr, nform, dnum);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1298:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (numstr, nform, dnum+0.49);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1302:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (numstr, nform, (int)(dnum+0.49));
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1306:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (numstr, nform, (int)(dnum+0.49));
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1932:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (nstring, format, fracpart);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2005:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (temp, " %s", temp1);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2007:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (temp, " %s", temp1);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2990:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (headline, keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:393:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:431:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:470:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:718:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:905:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1248:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (catpath, str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1250:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (catpath, catdir);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1252:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (catpath, catfile);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1260:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (catpath, catfile);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1290:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, catname);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1663:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (st->objname, token);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1871:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (st->objname, token);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:429:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (tstring, outform, ihr, imn, sec);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:433:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (tstring, outform, ihr, imn, (int)(sec+0.5));
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:443:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:445:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, dstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:447:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (string, "%sT%s", dstring, tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:423:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (tstring, outform, ihr, imn, sec);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:427:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf (tstring, outform, ihr, imn, (int)(sec+0.5));
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:437:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:439:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string, dstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:441:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (string, "%sT%s", dstring, tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:272:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (filepath, rootdir);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:274:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (filepath, token);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:277:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (filepath, token);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:304:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (filepath, rootdir);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:306:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (filepath, token);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:309:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (filepath, token);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:329:14: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  else if (access (filename, R_OK))
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:59:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  {strcpy (imcatname, cat); return; }
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:181:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (extnam, ext+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1235:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (pw[ifield].kname,temp);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1256:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (pw[ifield].kform, tform);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1317:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (rw[ik].kform, pw[ifield].kform);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1318:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (rw[ik].kname, pw[ifield].kname);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1583:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access (filename, 0)) {
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1622:7: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access (filename, 0)) {
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1884:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access (filename, 0)) {
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1970:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly.
  if (!access (filename, 0)) {
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:2044:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (oldheader, header);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:444:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  { strcpy (wcsproj, type); return; }
data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:497:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcstemp, wcsproj);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:499:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcstemp, wcsdist);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:502:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcstemp, wcsproj);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:504:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcstemp, wcsdist);
data/montage-6.0+dfsg/lib/src/montage_wcs/fortwcs.c:279:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (radecsys, wcs->radecsys);
data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:118:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (srchurl, temp);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:189:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdna,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:191:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdsa,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:195:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdn,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:197:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cds,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:613:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdn,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:615:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cds,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:860:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdna,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:862:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdsa,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:866:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdn,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:868:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cds,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1185:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath,cdna);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1187:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath,cdn);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1199:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy (tabpath,cdsa); data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1201:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabpath,cds); data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1461:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (path,"%s/%s/%04d.gsc", cdna, zdir[zone], regnum); data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1463:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (path,"%s/gsc/%s/%04d.gsc", cdn, zdir[zone], regnum); data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1469:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (path,"%s/%s/%04d.gsc", cdsa, zdir[zone], regnum); data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1471:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (path,"%s/gsc/%s/%04d.gsc", cds, zdir[zone], regnum); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:133:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (keyword1, keyword); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:175:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (val, value); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:233:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (val, value); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:289:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (val, value); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:386:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (keyword1, keyword); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:426:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (val, value); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:473:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (val, value); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:674:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (keywordi, "%s_1", keyword); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:678:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (keywordi, "%s_01", keyword); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:682:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (keywordi, "%s_001", keyword); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:695:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
sprintf (keywordi, keyform, keyword, ikey); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:702:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (stri, value); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:750:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (keyword1, keyword); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:783:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (str, value); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:999:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (cval,v1); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1017:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (cval,cpar); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1034:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (cval, v1); data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1049:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (cval,v1); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:150:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (value, format, dval); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:157:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (value, format, dval); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:293:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (keyroot, keyword); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:306:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (newkey, keyroot); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1008:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (string, tstring); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1151:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (string, tstring); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1194:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (tstring, degform, deg1); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1198:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
sprintf (tstring, degform, (int)deg1); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1204:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (string, tstring); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1229:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (string, numform, num); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1233:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (string, numform, (int)num); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1239:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (string, numform, num); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:150:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (value, format, dval); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:157:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (value, format, dval); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:291:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (keyroot, keyword); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:304:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (newkey, keyroot); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:973:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (string, tstring); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1116:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (string, tstring); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1159:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (tstring, degform, deg1); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1163:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (tstring, degform, (int)deg1); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1169:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (string, tstring); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1194:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (string, numform, num); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1198:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (string, numform, (int)num); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1204:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (string, numform, num); data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:188:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (val, value); data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:229:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (val, value); data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:268:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (val, value); data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:299:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (val, value); data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:333:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (str, value); data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:374:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (keyword,keyword0); data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:421:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (cval,cpar); data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:429:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (cval, line); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:298:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (wcs->radecsys, cstr); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:299:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (wcs->radecout, cstr); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:300:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (wcs->radecin, cstr); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:471:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (temp, ctypes[ptype0]); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:474:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (temp, ctypes[ptype0]); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:699:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (dateobs0, dateobs); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:896:10: [4] (race) access: This usually indicates a security flaw. 
If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access (hdrname, 0)) { data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:953:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (pixname, newpixname); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:958:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (pixname, bang+1); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:960:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (pixname, pixn); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:993:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (!access (pixname, 0)) { data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1228:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (temp,filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1229:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (pixfile, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1234:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (temp,pixfile); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1235:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (pixfile, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1254:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (temp,pixfile); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1255:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (pixfile, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:152:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s bits per pixel %d -> %d", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:178:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (history,"Copy of image %s shifted by dx=%d dy=%d", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:204:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s reflected",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:214:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s flipped",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:236:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s reflected, rotated 90 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:246:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s flipped, rotated 90 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:258:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s rotated 90 degrees",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:274:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s reflected, rotated 180 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:285:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s flipped, rotated 180 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:297:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (history,"Copy of image %s rotated 180 degrees",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:310:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s reflected, rotated 270 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:322:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s flipped, rotated 270 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:334:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s rotated 270 degrees",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:350:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s reflected top to bottom",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:153:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s bits per pixel %d -> %d", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:179:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s shifted by dx=%d dy=%d", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:205:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s reflected",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:215:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (history,"Copy of image %s flipped",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:237:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s reflected, rotated 90 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:247:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s flipped, rotated 90 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:259:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s rotated 90 degrees",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:275:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s reflected, rotated 180 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:286:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s flipped, rotated 180 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:298:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s rotated 180 degrees",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:311:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s reflected, rotated 270 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:323:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (history,"Copy of image %s flipped, rotated 270 degrees", data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:335:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s rotated 270 degrees",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:351:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history,"Copy of image %s reflected top to bottom",filename); data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:1141:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). { strcpy (matchcat, cat); return; } data/montage-6.0+dfsg/lib/src/montage_wcs/imutil.c:2572:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (newhead, header); data/montage-6.0+dfsg/lib/src/montage_wcs/imutil.c:2642:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history, "%s blocked %dx%d", filename, xfactor, yfactor); data/montage-6.0+dfsg/lib/src/montage_wcs/imutil.c:2644:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (history, "%40s blocked / %dx%d", filename, xfactor, yfactor); data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:159:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:163:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:249:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabbuff, colhead); data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:250:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabbuff, colsep); data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:251:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabbuff, databuff); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:143:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tstr, "obs\t%s\n", obs); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:144:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabhead, tstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:171:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (tstr, "epoch\t%s\n",dstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:172:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabhead, tstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:176:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:179:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tstr, "sra\t%s\n",rastr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:180:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabhead, tstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:181:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tstr, "sdec\t%s\n",decstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:182:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabhead, tstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:192:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (tabhead, tstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:194:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabhead, tstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:203:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabhead, tstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:212:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabhead, tstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:214:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (tabhead, tstr); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:221:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:228:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:334:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabbuff, tabhead); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:450:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf (temp, format, ra); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:332:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (objname, star->objname); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:365:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (objname, star->objname); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:399:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (objname, star->objname); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:702:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (objname, star->objname); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1183:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tvalue, value); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1236:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
  strcpy (sc->isfil, tabname);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1372:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->keymag[sc->nmag], keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1377:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->keymag[sc->nmag], keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1382:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->keymag[sc->nmag], keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1390:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->keymag[sc->nmag], keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1507:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->keymag[sc->nmag], sc->keyrv);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1520:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->keymag[sc->nmag], sc->keyepoch);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1576:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->keyadd, kwo);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1803:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (st->objname, cnum);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1973:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabname, tabcomma+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1985:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: Tab table file %s has no entries",
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1994:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: Tab table file %s cannot be read",
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2008:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: cannot allocate %d bytes for tab table structure for %s",
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2024:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: cannot allocate filename %s in structure",
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2031:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabtable->filename, tabfile);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2036:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: cannot allocate buffer for tab table %s",
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2128:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: No - line in tab table %s",tabfile);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2137:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (taberr,"TABOPEN: No - line in tab table %s",tabfile);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabsort.c:76:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (buffout, table[0]->entry);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabsort.c:78:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (buffout, table[i]->entry);
data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1095:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (zonepath, "%s/%03d/t%04d.cat", tmcpath, izone, ireg);
data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1100:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (zonepath, "%s/idr2psc%s.tbl", tmcpath, rdir[zone]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1176:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, zonefile);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:905:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath, str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:910:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath, ty2cd);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:982:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath, str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:986:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (tabpath, ty2cd);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1197:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ty2path, str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1202:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ty2path, ty2cd);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1242:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, ty2file);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:232:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (usa2path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:238:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (usa1path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:247:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ua2path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:250:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdroot,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:257:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ua1path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:260:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdroot,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:638:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (usa2path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:644:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (usa1path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:653:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ua2path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:656:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdroot,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:663:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ua1path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:666:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdroot,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:847:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (usa2path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:853:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (usa1path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:862:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ua2path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:865:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdroot,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:872:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ua1path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:875:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdroot,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:1383:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/zone%04d.cat", uapath, zn);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:1387:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/zone%04d.cat", uapath, zn);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:1396:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/%s/zone%04d.cat", cdroot, cdname[icd-1], zn);
data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:173:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ub1path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:179:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (yb6path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:646:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ub1path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:652:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (yb6path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:828:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ub1path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:834:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (yb6path,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:1436:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/%03d/b%04d.cat", upath, zn/10, zn);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1297:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (zonepath, "%s/u1/z%03d", ucacpath, zone);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1299:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (zonepath, "%s/u2/z%03d", ucacpath, zone);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1301:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (zonepath, "%s/z%03d", ucacpath, zone);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1303:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (zonepath, "%s/z%03d", ucacpath, zone);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1349:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, zonefile);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1252:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (zonepath, "%s/u1/z%03d", ucacpath, zone);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1254:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (zonepath, "%s/u2/z%03d", ucacpath, zone);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1256:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (zonepath, "%s/z%03d", ucacpath, zone);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1293:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (sc->isfil, zonefile);
data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:142:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdu,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:423:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdu,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:560:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdu,str);
data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:980:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (path, catname);
data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:988:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/ZONE%04d.CAT", cdu, zn);
data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:990:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (path,"%s/zone%04d.cat", cdu, zn);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:190:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->ptype,proj);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:193:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcs->ctype[0],proj);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:194:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcs->ctype[1],proj);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:319:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->radecout, wcs->radecsys);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:393:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->ctype[0], ctype1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:394:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->c1type, ctype1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:395:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->ptype, ctype1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:437:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (wcs->ctype[0],"%-4s%4s",wcs->c1type,wcs->ptype);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:527:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->ctype[1], ctype2);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:528:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->c2type, ctype2);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:580:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (wcs->ctype[1],"%-4s%4s",wcs->c2type,wcs->ptype);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1172:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->radecsys,coorsys);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1576:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (comform, wcs->command_format[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1593:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, xystring, filename);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1595:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, filename, xystring);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1599:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, xystring, filename,
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1602:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, filename, xystring,
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1605:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, filename, wcstring,
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1610:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, xystring, wcstring,
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1613:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, wcstring, xystring,
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1616:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, wcstring, filename,
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1620:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, xystring);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1622:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, xystring, wcstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1624:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, wcstring, xystring);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1629:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, filename);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1631:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, filename, wcstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1633:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, wcstring, filename);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1636:12: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  (void)sprintf(command, comform, wcstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1637:8: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ier = system (command);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1663:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->radecout, wcs->radecsys);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1711:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->radecout, coorsys);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1771:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->radecin, wcs->radecsys);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1815:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->radecin, coorsys);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1930:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (wcstring,"%s %s", rastr, decstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1932:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (wcstring,"%s %s", rastr, decstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1957:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (wcstring,"%s %s", rastr, decstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1960:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (wcstring,"%s %s", rastr, decstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2042:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcstring, wcs->radecout);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2056:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (rastr, wcs->units[0]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2060:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (decstr, wcs->units[1]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2067:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (wcstring,"%s %s", rastr, decstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2069:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (wcstring,"%s %s", rastr, decstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2084:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcstring, wcs->units[0]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2088:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (wcstring, wcs->units[1]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2454:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcsfile, filename);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2463:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  { strcpy (wcserrmsg, errmsg); return; }
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2491:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  { strcpy (wcscoor0, wcscoor); return; }
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2513:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcscom0[i], wcscom);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2657:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (kwd[++nkwd], keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2662:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (kwd[++nkwd], keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2667:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (kwd[++nkwd], keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2672:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (kwd[++nkwd], keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2677:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (kwd[++nkwd], keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2711:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (kwdc, kwd[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2722:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (kwdc, kwd[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:260:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->wcsname, wcsname);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:330:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (keyword, temp);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:348:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (keyword, temp);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:405:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ctype2, ctype1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:410:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->ctype[0], ctype1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:411:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (wcs->ctype[1], ctype2);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:875:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  (void)sprintf (wcs->center,"%2.0f:%2.0f:%5.3f %c%2.0f:%2.0f:%5.3f %s",
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1200:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (errstr,"*Error*: incorrect linear conversion in %s",
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1219:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf (errstr,"*Error*: incorrect linear conversion in %s", data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1260:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errstr,"*Error*: incorrect linear conversion in %s", data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1318:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (wcs->radecout, wcs->radecsys); data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1321:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (wcs->radecin, wcs->radecsys); data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1458:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (wcs->radecsys,systring); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:483:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(requir, "DEC--%s", wcs->pcode); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:489:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(requir, "RA---%s", wcs->pcode); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:495:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(requir, "%s-%s", wcs->lattyp, wcs->pcode); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:501:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(requir, "%s-%s", wcs->lngtyp, wcs->pcode); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:507:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(requir, "%s-%s", wcs->lattyp, wcs->pcode); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:513:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(requir, "%s-%s", wcs->lngtyp, wcs->pcode); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:130:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (srchurl, "?catalog=%s&ra=%.7f&dec=%.7f&system=%s&format=tab", data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:137:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:141:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:147:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:150:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:156:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:164:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:170:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:179:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:200:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:203:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:223:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:226:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:232:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:235:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:338:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (numlist, numstr); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:341:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (numlist, numstr); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:346:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (srchurl, "?catalog=%s&num=%s&ndec=4&outsys=%s",refcatname,numlist,csys); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:349:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:432:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (srchurl, caturl); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:433:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, srchpar); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:521:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabtable->filename, caturl); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:532:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabtable->tabname, srchpar); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:674:12: [4] (buffer) fscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. (void) fscanf(sok, "%*s %d %s\r\n", &status, linebuff); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:936:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hostname, file); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:125:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (srchurl, "?catalog=%s&ra=%.7f&dec=%.7f&system=%s&format=tab", data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:132:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:136:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:142:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:145:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:151:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:159:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:165:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:174:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:195:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:198:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:218:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:221:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:227:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:230:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:332:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (numlist, numstr); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:335:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (numlist, numstr); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:340:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (srchurl, "?catalog=%s&num=%s&ndec=4&outsys=%s",refcatname,numlist,csys); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:343:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (srchurl, temp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:426:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (srchurl, caturl); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:427:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (srchurl, srchpar); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:511:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabtable->filename, caturl); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:521:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tabtable->tabname, srchpar); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:625:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (command, "GET %s HTTP/1.1\r\nHost: %s\r\n\r\n",urlpath,server); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:626:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf (sok, command); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:662:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(command, "GET %s\r\nHost: %s\r\n\r\n",urlpath,server); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:663:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(sok1, command); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:881:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hostname, file); data/montage-6.0+dfsg/lib/src/montage_wcs/zpxpos.c:105:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (header1, header); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:224:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(keystr[nhdr], dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:262:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(keyword[nkey], kptr); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:263:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value [nkey], vptr); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:273:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tbl_hdr_string, dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:377:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tbl_typ_string, dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:422:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tbl_uni_string, dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:467:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tbl_nul_string, dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:692:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tbl_rec_string, dval); data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:41:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name, ret); data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:50:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(type, ret); data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:79:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, ptr); data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:46:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(intbl, argv[1]); data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:47:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outxml, argv[2]); data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:48:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(objstr, argv[3]); data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:49:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xcolname, argv[4]); data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:50:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xlabel, argv[5]); data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:51:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ycolname, argv[6]); data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:52:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ylabel, argv[7]); data/montage-6.0+dfsg/lib/src/svc/structlib.c:69:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, instr); data/montage-6.0+dfsg/lib/src/svc/structlib.c:250:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(svc->key[svc->count], key); data/montage-6.0+dfsg/lib/src/svc/structlib.c:253:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(svc->val[svc->count], val); data/montage-6.0+dfsg/lib/src/svc/structlib.c:267:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(svc->val[svc->count], key); data/montage-6.0+dfsg/lib/src/svc/structlib.c:417:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(subkey, key); data/montage-6.0+dfsg/lib/src/svc/structlib.c:436:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tail, subkey + i + 1); data/montage-6.0+dfsg/lib/src/svc/structlib.c:448:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(val, sv->val[i]); data/montage-6.0+dfsg/lib/src/svc/structlib.c:455:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(val, subval); data/montage-6.0+dfsg/lib/src/svc/svclib.c:278:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, svcstr); data/montage-6.0+dfsg/lib/src/svc/svclib.c:345:7: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
execvp(path, cmdv); data/montage-6.0+dfsg/lib/src/svc/svclib.c:457:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(svc_list[index]->svcname, name); data/montage-6.0+dfsg/lib/src/svc/svclib.c:458:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(svc_list[index]->sigfunc, sig); data/montage-6.0+dfsg/lib/src/svc/svclib.c:459:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(svc_list[index]->quitstr, quit); data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:29:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(structstr, instr); data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:77:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(structstr, instr); data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:87:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value, sv->val[j]); data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:92:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(value, sv->val[j]); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:436:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Keyname, "%s", "A_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:437:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:456:12: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:472:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Keyname, "%s", "A_DMAX"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:473:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:488:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Keyname, "%s", "B_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:489:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:509:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:526:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(CP_Keyname, "%s", "B_DMAX"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:527:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:542:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Keyname, "%s", "AP_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:543:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:561:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:577:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Keyname, "%s", "BP_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:578:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:597:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:613:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Keyname, "%s", "CRPIX1"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:614:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:629:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Keyname, "%s", "CRPIX2"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:630:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(CP_Comment, "%s", ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:186:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mod_key,key); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:205:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value, char_value); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:220:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mod_key,key); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:255:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mod_key,key); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:291:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(mod_key,key); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:27:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( intemplate, argv[1]); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:28:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outtemplate, argv[2]); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/two_plane.c:763:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(two_plane->projection_type_1,wcs->ptype); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/two_plane.c:764:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(two_plane->projection_type_2,WCS->ptype); data/montage-6.0+dfsg/lib/src/www/www.c:84:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpdir, workdir); data/montage-6.0+dfsg/lib/src/www/www.c:138:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(debugFile, "%s/KEYDBGXXXXXX", tmpdir); data/montage-6.0+dfsg/lib/src/www/www.c:209:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(boundary, pboundary); data/montage-6.0+dfsg/lib/src/www/www.c:332:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(end_boundary, boundary); data/montage-6.0+dfsg/lib/src/www/www.c:469:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fline, line); data/montage-6.0+dfsg/lib/src/www/www.c:486:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(entries[nentry].name, line + 1); data/montage-6.0+dfsg/lib/src/www/www.c:533:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffb, boundary); data/montage-6.0+dfsg/lib/src/www/www.c:537:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffe, end_boundary); data/montage-6.0+dfsg/lib/src/www/www.c:772:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(entries[i].val, valbuf1); data/montage-6.0+dfsg/lib/src/www/www.c:922:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(val, entries[0].name); data/montage-6.0+dfsg/lib/src/www/www.c:1171:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(keyword_stripped, ptr); data/montage-6.0+dfsg/lib/src/www/www.c:1453:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(entries[nentry].val, fname); data/montage-6.0+dfsg/lib/src/www/www.c:1480:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(entries[nentry].fname, "%s/UPLOAD", tmpdir); data/montage-6.0+dfsg/lib/src/www/www.c:1485:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(entries[nentry].fname, entries[nentry].val); data/montage-6.0+dfsg/lib/src/www/www.c:1695:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(in, out); data/montage-6.0+dfsg/lib/src/www/www.c:1793:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(timeout, "%s,%02d-%s-%04d %02d:%02d:%02d GMT", data/montage-6.0+dfsg/lib/src/www/www.c:1856:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mytitle, title); data/montage-6.0+dfsg/lib/src/www/www.c:1862:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(myheader, getenv("HTML_HEADER")); data/montage-6.0+dfsg/lib/src/www/www.c:1864:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(myheader, HTML_HEADER); data/montage-6.0+dfsg/lib/src/www/www.c:1867:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(myheader, header); data/montage-6.0+dfsg/lib/src/www/www.c:1938:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(myfooter, getenv("HTML_FOOTER")); data/montage-6.0+dfsg/lib/src/www/www.c:1940:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(myfooter, HTML_FOOTER); data/montage-6.0+dfsg/lib/src/www/www.c:1943:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(myfooter, footer); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:109:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:161:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(url, tval(iurl)); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:164:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file, tval(ifile)); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:179:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file, ptr+1); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:196:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filebase, file); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:202:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(urlbase, url); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:238:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mArchiveGet -r -t %d %s&X1=%d&X2=%d&Y1=%d&Y2=%d %s_%d_%d.fits", data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:247:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mArchiveGet -r %s&X1=%d&X2=%d&Y1=%d&Y2=%d %s_%d_%d.fits", data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:262:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:281:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "ln -s /stage%s %s", url+73, file); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:289:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:301:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mArchiveGet -t %d %s %s", data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:306:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mArchiveGet %s %s", data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:318:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:330:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "gunzip %s", file); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:331:13: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:114:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(urlStr, argv[optind]); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:125:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fileName, argv[optind+1]); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:150:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "bunzip2 %s", fileName); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:156:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:267:33: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). else if(sig == SIGALRM ) strcpy(msg, archive_msg); data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:79:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(source, argv[2]); data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:114:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(constraint, "survey=%s&band=%s&location=%s&width=%s&height=%s&mode=%s", data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:150:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(request, "GET http://%s:%d%s%s HTTP/1.0\r\n\r\n", data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:153:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET %s%s HTTP/1.0\r\nHOST: %s:%d\r\n\r\n", data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:368:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hostStr, hostPtr); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:164:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[1]); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:306:24: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). if(ictype1 >= 0) strcpy(ctype1, tval(ictype1)); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:307:24: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). if(ictype2 >= 0) strcpy(ctype2, tval(ictype2)); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:342:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, tval(ifname)); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:345:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(url, tval(iurl)); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:420:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", ctype1 ); stradd(header, temp); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:421:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", ctype2 ); stradd(header, temp); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:680:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bestName, fname); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:683:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bestURL, url); data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:93:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:123:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:124:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(calfile, argv[optind+1]); data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:198:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fname, filePath(path, tval(ifname))); data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:200:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mCalibrate %s", fname); data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:203:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:207:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( msg, svc_value( "msg" )); data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:134:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[1]); data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:151:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mCatSearch %s %s", input_file, tmptbl); data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:154:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(status, svc_value("stat")); data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:205:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ra, tval(ira)); data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:206:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dec, tval(idec)); data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:214:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mExamine -a %s %s %s", ra, dec, input_file); data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:216:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(status, svc_value("stat")); data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:220:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(status, svc_value("stat")); data/montage-6.0+dfsg/util/CatMap/mCatMap.c:172:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colname, optarg); data/montage-6.0+dfsg/util/CatMap/mCatMap.c:192:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/util/CatMap/mCatMap.c:193:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind+1]); data/montage-6.0+dfsg/util/CatMap/mCatMap.c:194:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(template_file, argv[optind+2]); data/montage-6.0+dfsg/util/CatMap/mCatMap.c:788:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(header[0], line); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:105:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[1]); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:106:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[2]); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:121:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mExamine %s", input_file); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:124:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(status, svc_value("stat")); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:129:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ra1, svc_value("ra1")); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:130:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dec1, svc_value("dec1")); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:131:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ra2, svc_value("ra2")); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:132:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dec2, svc_value("dec2")); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:133:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ra3, svc_value("ra3")); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:134:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dec3, svc_value("dec3")); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:135:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(ra4, svc_value("ra4")); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:136:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dec4, svc_value("dec4")); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:149:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(constraint, "catalog=usno_b1&selcols=usno_b1,ra,dec,b1_mag,b2_mag,r1_mag,r2_mag,i_mag&spatial=polygon&polygon=%s+%s,+%s+%s,+%s+%s,+%s+%s&order=b1_mag&outfmt=1\" %s", ra1, dec1, ra2, dec2, ra3, dec3, ra4, dec4, output_file); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:185:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET http://%s:%d%s%s HTTP/1.0\r\n\r\n", data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:188:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET %s%s HTTP/1.0\r\nHOST: %s:%d\r\n\r\n", data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:348:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hostStr, hostPtr); data/montage-6.0+dfsg/util/Examine/mExamine.c:267:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, argv[1]); data/montage-6.0+dfsg/util/Examine/mExamine.c:337:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(ctype1, wcs->ctype[0]); data/montage-6.0+dfsg/util/Examine/mExamine.c:338:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype2, wcs->ctype[1]); data/montage-6.0+dfsg/util/Examine/mExamine.c:360:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (proj, ctype1+5); data/montage-6.0+dfsg/util/Exec/mExec.c:50:7: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). char *mktemp (char *template); data/montage-6.0+dfsg/util/Exec/mExec.c:396:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infoFile, optarg); data/montage-6.0+dfsg/util/Exec/mExec.c:436:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hdrtext, optarg); data/montage-6.0+dfsg/util/Exec/mExec.c:452:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hdrfile, optarg); data/montage-6.0+dfsg/util/Exec/mExec.c:456:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpfile, optarg); data/montage-6.0+dfsg/util/Exec/mExec.c:464:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(debugFile, optarg); data/montage-6.0+dfsg/util/Exec/mExec.c:468:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pngFile, optarg); data/montage-6.0+dfsg/util/Exec/mExec.c:472:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(labelText, optarg); data/montage-6.0+dfsg/util/Exec/mExec.c:476:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(locText, optarg); data/montage-6.0+dfsg/util/Exec/mExec.c:480:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(contactText, optarg); data/montage-6.0+dfsg/util/Exec/mExec.c:485:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rawdir, optarg); data/montage-6.0+dfsg/util/Exec/mExec.c:489:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp, cwd); data/montage-6.0+dfsg/util/Exec/mExec.c:497:19: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
  strcat(temp, rawdir);
data/montage-6.0+dfsg/util/Exec/mExec.c:499:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(rawdir, temp);
data/montage-6.0+dfsg/util/Exec/mExec.c:538:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(savefile, filePath(cwd, tmpfile));
data/montage-6.0+dfsg/util/Exec/mExec.c:566:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(workspace[0], argv[optind]);
data/montage-6.0+dfsg/util/Exec/mExec.c:577:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(survey[0], argv[optind]);
data/montage-6.0+dfsg/util/Exec/mExec.c:578:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(band[0], argv[optind+1]);
data/montage-6.0+dfsg/util/Exec/mExec.c:581:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(workspace[0], argv[optind+2]);
data/montage-6.0+dfsg/util/Exec/mExec.c:598:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(survey[iband], argv[optind+3*iband]);
data/montage-6.0+dfsg/util/Exec/mExec.c:599:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(band[iband], argv[optind+3*iband+1]);
data/montage-6.0+dfsg/util/Exec/mExec.c:600:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(workspace[iband], argv[optind+3*iband+2]);
data/montage-6.0+dfsg/util/Exec/mExec.c:611:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(workspace[0], template);
data/montage-6.0+dfsg/util/Exec/mExec.c:625:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(temp, cwd);
data/montage-6.0+dfsg/util/Exec/mExec.c:633:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(temp, workspace[iband]);
data/montage-6.0+dfsg/util/Exec/mExec.c:635:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(workspace[iband], temp);
data/montage-6.0+dfsg/util/Exec/mExec.c:705:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msg, "Can't open original header template file: [%s]",
data/montage-6.0+dfsg/util/Exec/mExec.c:711:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s/region.hdr", workspace[iband]);
data/montage-6.0+dfsg/util/Exec/mExec.c:717:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msg, "Can't open workspace header template file: [%s]",
data/montage-6.0+dfsg/util/Exec/mExec.c:751:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s/region.hdr", workspace[iband]);
data/montage-6.0+dfsg/util/Exec/mExec.c:757:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msg, "Can't open workspace header template file: [%s]",
data/montage-6.0+dfsg/util/Exec/mExec.c:1176:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mArchiveList %s %s \"%.4f %.4f eq j2000\" %.2f %.2f remote.tbl",
data/montage-6.0+dfsg/util/Exec/mExec.c:1179:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mArchiveList %s %s \"%.4f %.4f eq j2000\" %.2f %.2f remote_big.tbl",
data/montage-6.0+dfsg/util/Exec/mExec.c:1197:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1201:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1208:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1217:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( msg, "%s/%s has no data covering area", survey[iband], band[iband]);
data/montage-6.0+dfsg/util/Exec/mExec.c:1257:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1261:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1270:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( msg, "%s has no data overlapping this area", survey[iband]);
data/montage-6.0+dfsg/util/Exec/mExec.c:1335:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1339:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1346:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1417:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( msg, "%s/%s has no data covering area", survey[iband], band[iband]);
data/montage-6.0+dfsg/util/Exec/mExec.c:1443:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mv %s/rimages_full.tbl .", rawdir);
data/montage-6.0+dfsg/util/Exec/mExec.c:1451:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(cmd);
data/montage-6.0+dfsg/util/Exec/mExec.c:1463:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1467:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1475:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf( msg, "%s/%s has no data covering area", survey[iband], band[iband]);
data/montage-6.0+dfsg/util/Exec/mExec.c:1523:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1527:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1574:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(datadir, rawdir);
data/montage-6.0+dfsg/util/Exec/mExec.c:1585:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( infile, tval(ifname));
data/montage-6.0+dfsg/util/Exec/mExec.c:1587:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mShrink %s/%s shrunken/%s %-g",
data/montage-6.0+dfsg/util/Exec/mExec.c:1598:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1602:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1639:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ( infile, tval(ifname));
data/montage-6.0+dfsg/util/Exec/mExec.c:1644:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (outfile, infile);
data/montage-6.0+dfsg/util/Exec/mExec.c:1674:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(scale_str, tval(iscale));
data/montage-6.0+dfsg/util/Exec/mExec.c:1682:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(path, filePath(datadir, infile));
data/montage-6.0+dfsg/util/Exec/mExec.c:1712:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mGetHdr %s orig.hdr", path);
data/montage-6.0+dfsg/util/Exec/mExec.c:1722:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1726:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1741:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1745:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1806:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mProjectQL -x %s -X %s/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/util/Exec/mExec.c:1810:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mProjectPP -b 1 -i altin.hdr -o altout.hdr -x %s -X %s/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/util/Exec/mExec.c:1814:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mProjectPP -b 1 -i altin.hdr -x %s -X %s/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/util/Exec/mExec.c:1818:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mProjectPP -b 1 -o altout.hdr -x %s -X %s/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/util/Exec/mExec.c:1822:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mProjectPP -b 1 -x %s -X %s/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/util/Exec/mExec.c:1826:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mProject -x %s -X %s/%s projected/%s big_region.hdr",
data/montage-6.0+dfsg/util/Exec/mExec.c:1837:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1843:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1850:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:1860:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(msg, tval(ifname));
data/montage-6.0+dfsg/util/Exec/mExec.c:1866:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(msg, tval(ifname));
data/montage-6.0+dfsg/util/Exec/mExec.c:1871:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(goodFile, outfile);
data/montage-6.0+dfsg/util/Exec/mExec.c:1893:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cmd, filePath(rawdir, infile));
data/montage-6.0+dfsg/util/Exec/mExec.c:1938:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mSubimage projected/%s mosaic.fits %.6f %.6f %.6f %.6f",
data/montage-6.0+dfsg/util/Exec/mExec.c:2014:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2018:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2111:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fname1, tval(ifname1));
data/montage-6.0+dfsg/util/Exec/mExec.c:2112:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fname2, tval(ifname2));
data/montage-6.0+dfsg/util/Exec/mExec.c:2113:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(diffname, tval(idiffname));
data/montage-6.0+dfsg/util/Exec/mExec.c:2116:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mDiff -n projected/%s projected/%s diffs/%s big_region.hdr", fname1, fname2, diffname);
data/montage-6.0+dfsg/util/Exec/mExec.c:2118:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mDiff projected/%s projected/%s diffs/%s big_region.hdr", fname1, fname2, diffname);
data/montage-6.0+dfsg/util/Exec/mExec.c:2134:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2138:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2152:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mFitplane -l diffs/%s", diffname);
data/montage-6.0+dfsg/util/Exec/mExec.c:2154:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mFitplane diffs/%s", diffname);
data/montage-6.0+dfsg/util/Exec/mExec.c:2170:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2174:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2214:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "diffs/%s", diffname);
data/montage-6.0+dfsg/util/Exec/mExec.c:2217:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(areafile, cmd);
data/montage-6.0+dfsg/util/Exec/mExec.c:2275:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2279:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2423:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file, tval(ifname));
data/montage-6.0+dfsg/util/Exec/mExec.c:2427:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mBackground -n projected/%s corrected/%s %-g %-g %-g",
data/montage-6.0+dfsg/util/Exec/mExec.c:2431:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mBackground projected/%s corrected/%s %-g %-g %-g",
data/montage-6.0+dfsg/util/Exec/mExec.c:2453:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2461:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2469:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "projected/%s", file);
data/montage-6.0+dfsg/util/Exec/mExec.c:2472:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(areafile, cmd);
data/montage-6.0+dfsg/util/Exec/mExec.c:2483:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "projected/%s", file);
data/montage-6.0+dfsg/util/Exec/mExec.c:2486:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(areafile, cmd);
data/montage-6.0+dfsg/util/Exec/mExec.c:2568:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2572:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2594:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2598:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2614:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2618:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2642:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2646:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2696:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2700:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:2717:16: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(cmd);
data/montage-6.0+dfsg/util/Exec/mExec.c:2749:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(savetmp, "%s.fits", savefile);
data/montage-6.0+dfsg/util/Exec/mExec.c:2751:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(savetmp, "%s_%s.fits", savefile, band[iband]);
data/montage-6.0+dfsg/util/Exec/mExec.c:2766:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(msg, "Can't open save file: [%s]", savetmp);
data/montage-6.0+dfsg/util/Exec/mExec.c:2826:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile, filePath("corrected", tval(ifname)));
data/montage-6.0+dfsg/util/Exec/mExec.c:2832:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(areafile, infile);
data/montage-6.0+dfsg/util/Exec/mExec.c:2886:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infile, filePath("projected", tval(ifname)));
data/montage-6.0+dfsg/util/Exec/mExec.c:2892:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(areafile, infile);
data/montage-6.0+dfsg/util/Exec/mExec.c:2930:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(cmd);
data/montage-6.0+dfsg/util/Exec/mExec.c:2945:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(cmd);
data/montage-6.0+dfsg/util/Exec/mExec.c:2996:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:3000:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:3038:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(labelText, locText);
data/montage-6.0+dfsg/util/Exec/mExec.c:3164:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mViewer -saturate 255 -ct 1 -mark %.6f %.6f eq J2000 7 red -gray %s/mosaic.fits -2s max gaussian-log -out %s",
data/montage-6.0+dfsg/util/Exec/mExec.c:3167:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mViewer -saturate 255 -ct 1 -gray %s/mosaic.fits -2s max gaussian-log -out %s", workspace[0], pngFile);
data/montage-6.0+dfsg/util/Exec/mExec.c:3179:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mViewer -saturate 255 -ct 1 -mark %.6f %.6f eq J2000 7 red -blue %s/mosaic.fits -2s max gaussian-log -red %s/mosaic.fits -2s max gaussian-log -out %s",
data/montage-6.0+dfsg/util/Exec/mExec.c:3182:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mViewer -saturate 255 -ct 1 -blue %s/mosaic.fits -2s max gaussian-log -red %s/mosaic.fits -2s max gaussian-log -out %s",
data/montage-6.0+dfsg/util/Exec/mExec.c:3195:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mViewer -saturate 255 -mark %.6f %.6f eq J2000 7 red -blue %s/mosaic.fits -0.50s max gaussian-log -green %s/mosaic.fits -0.50s max gaussian-log -red %s/mosaic.fits -0.50s max gaussian-log -out %s",
data/montage-6.0+dfsg/util/Exec/mExec.c:3198:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "mViewer -saturate 255 -blue %s/mosaic.fits -0.50s max gaussian-log -green %s/mosaic.fits -0.50s max gaussian-log -red %s/mosaic.fits -0.50s max gaussian-log -out %s",
data/montage-6.0+dfsg/util/Exec/mExec.c:3216:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:3220:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( msg, svc_value( "msg" ));
data/montage-6.0+dfsg/util/Exec/mExec.c:3253:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf(cmd, "rm -rf %s", workspace[iband]); data/montage-6.0+dfsg/util/Exec/mExec.c:3261:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(cmd); data/montage-6.0+dfsg/util/Exec/mExec.c:3360:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "Bad FITS file [%s]", data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:178:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[optind]); data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:186:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[optind+1]); data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:594:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", fluxfile); data/montage-6.0+dfsg/util/Hdr/mHdr.c:92:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sysstr, optarg); data/montage-6.0+dfsg/util/Hdr/mHdr.c:96:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(equistr, optarg); data/montage-6.0+dfsg/util/Hdr/mHdr.c:100:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(heightstr, optarg); data/montage-6.0+dfsg/util/Hdr/mHdr.c:104:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(resstr, optarg); data/montage-6.0+dfsg/util/Hdr/mHdr.c:108:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rotstr, optarg); data/montage-6.0+dfsg/util/Hdr/mHdr.c:112:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bandStr, optarg); data/montage-6.0+dfsg/util/Hdr/mHdr.c:149:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outfile, argv[optind+2]); data/montage-6.0+dfsg/util/Hdr/mHdr.c:151:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(constraint, "location=%s&width=%s", data/montage-6.0+dfsg/util/Hdr/mHdr.c:157:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(constraint, url_encode(heightstr)); data/montage-6.0+dfsg/util/Hdr/mHdr.c:163:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(constraint, url_encode(sysstr)); data/montage-6.0+dfsg/util/Hdr/mHdr.c:169:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(constraint, url_encode(equistr)); data/montage-6.0+dfsg/util/Hdr/mHdr.c:175:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(constraint, url_encode(resstr)); data/montage-6.0+dfsg/util/Hdr/mHdr.c:181:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(constraint, url_encode(rotstr)); data/montage-6.0+dfsg/util/Hdr/mHdr.c:187:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(constraint, band2MASS); data/montage-6.0+dfsg/util/Hdr/mHdr.c:222:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET http://%s:%d%s%s HTTP/1.0\r\n\r\n", data/montage-6.0+dfsg/util/Hdr/mHdr.c:225:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(request, "GET %s%s HTTP/1.0\r\nHOST: %s:%d\r\n\r\n", data/montage-6.0+dfsg/util/Hdr/mHdr.c:440:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(hostStr, hostPtr); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:363:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sysstring, argv[i+3]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:364:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(epochstring, argv[i+4]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:368:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorstring, argv[i+6]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:496:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(statusfile, argv[i+1]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:522:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayfile, argv[i+1]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:529:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayminstr, argv[i+2]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:530:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(graymaxstr, argv[i+3]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:555:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(graybetastr, argv[i+5]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:609:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redfile, argv[i+1]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:616:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redminstr, argv[i+2]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:617:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redmaxstr, argv[i+3]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:642:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redbetastr, argv[i+5]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:696:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenfile, argv[i+1]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:703:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(greenminstr, argv[i+2]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:704:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenmaxstr, argv[i+3]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:730:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenbetastr, argv[i+5]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:786:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bluefile, argv[i+1]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:793:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(blueminstr, argv[i+2]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:794:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bluemaxstr, argv[i+3]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:817:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bluebetastr, argv[i+5]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:873:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(jpegfile, argv[i+1]); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3657:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(comment, line); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:524:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(basefile, optarg); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:536:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(basefile, optarg); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:541:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, optarg); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:565:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, argv[optind]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:670:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infofile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:748:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(memfile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:791:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(set[0].file, infile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:802:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(singleId, ptr); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:831:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:857:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:892:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(set[0].file, infile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:974:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infofile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:995:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(memfile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1049:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(set[i].file, tval(ifile)); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1050:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(set[i].name, tval(iname)); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1071:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infofile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1092:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1133:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(set[0].file, infile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1144:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(singleId, ptr); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1162:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tblfile, path); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1168:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tblfile, set[iset].file); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1222:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1263:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1321:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, path); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1327:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tblfile, set[iset].file); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1553:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype1, tval(ictype1)); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1554:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype2, tval(ictype2)); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1587:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (proj, ctype1+4); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1652:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", ctype1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1653:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", ctype2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2026:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(reorg, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2046:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(countfile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2072:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infofile, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2096:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(oldname, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2103:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(oldname, basefile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2173:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmd, cmdv[0]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2522:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, cmdv[1]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2523:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[2]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2965:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmt, "|%%%lds|%%10s|\n", ilen); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2968:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fsum, fmt, "identifier", "count"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2975:16: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
fprintf(fsum, fmt, singleId, setcount[0].srcmatch); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2987:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_hdr_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2997:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_typ_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3009:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_rec_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3062:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[1]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3093:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmt, "|%%%lds|%%10s|\n", ilen); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3096:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fsum, fmt, "identifier", "count"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3109:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(outstr, tbl_hdr_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3119:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_typ_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3144:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fsum, fmt, singleId, setcount[i].match); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3149:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_rec_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3208:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(setName, cmdv[1]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3229:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[1]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3231:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[2]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3247:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tblfile, path); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3253:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tblfile, set[subsetSetid].file); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3330:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, cmdv[1]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3335:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(setName, cmdv[2]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3350:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, path); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3356:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tblfile, set[i].file); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3380:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(refNames, tbl_hdr_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3384:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(refTypes, tbl_typ_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3385:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(refUnits, tbl_uni_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3386:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(refNulls, tbl_nul_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3389:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(refBlank, refNames); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3407:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[2]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3409:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[3]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3422:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblBlank, tbl_hdr_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:4429:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(out_string, tbl_rec_string); data/montage-6.0+dfsg/util/Pad/mPad.c:187:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(histfile, argv[i+5]); data/montage-6.0+dfsg/util/Pad/mPad.c:227:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[0]); data/montage-6.0+dfsg/util/Pad/mPad.c:228:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[1]); data/montage-6.0+dfsg/util/Pad/mPad.c:268:10: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %s", label, datavalStr[i]); data/montage-6.0+dfsg/util/Pad/mPad.c:688:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", fluxfile); data/montage-6.0+dfsg/util/Pix2Coord/mFixHdr.c:46:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, argv[1]); data/montage-6.0+dfsg/util/Pix2Coord/mFixHdr.c:47:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(outfile, argv[2]); data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:115:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpl, argv[optind]); data/montage-6.0+dfsg/util/Rotate/mRotate.c:220:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_file, argv[1]); data/montage-6.0+dfsg/util/Rotate/mRotate.c:228:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(output_file, argv[2]); data/montage-6.0+dfsg/util/Rotate/mRotate.c:962:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Image file %s missing or invalid FITS", fluxfile); data/montage-6.0+dfsg/util/Search/mSearch.c:467:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(basefile, optarg); data/montage-6.0+dfsg/util/Search/mSearch.c:475:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(basefile, optarg); data/montage-6.0+dfsg/util/Search/mSearch.c:480:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(path, optarg); data/montage-6.0+dfsg/util/Search/mSearch.c:504:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infile, argv[optind]); data/montage-6.0+dfsg/util/Search/mSearch.c:582:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infofile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:660:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:703:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(set[0].file, infile); data/montage-6.0+dfsg/util/Search/mSearch.c:732:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:758:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:793:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(set[0].file, infile); data/montage-6.0+dfsg/util/Search/mSearch.c:804:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(singleId, ptr); data/montage-6.0+dfsg/util/Search/mSearch.c:890:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infofile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:911:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:965:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(set[i].file, tval(ifile)); data/montage-6.0+dfsg/util/Search/mSearch.c:966:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(set[i].name, tval(iname)); data/montage-6.0+dfsg/util/Search/mSearch.c:987:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infofile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:1008:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(memfile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:1049:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(set[0].file, infile); data/montage-6.0+dfsg/util/Search/mSearch.c:1060:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(singleId, ptr); data/montage-6.0+dfsg/util/Search/mSearch.c:1078:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, path); data/montage-6.0+dfsg/util/Search/mSearch.c:1084:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tblfile, set[iset].file); data/montage-6.0+dfsg/util/Search/mSearch.c:1140:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:1181:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(memfile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:1239:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tblfile, path); data/montage-6.0+dfsg/util/Search/mSearch.c:1245:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tblfile, set[iset].file); data/montage-6.0+dfsg/util/Search/mSearch.c:1399:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype1, tval(ictype1)); data/montage-6.0+dfsg/util/Search/mSearch.c:1400:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ctype2, tval(ictype2)); data/montage-6.0+dfsg/util/Search/mSearch.c:1433:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (proj, ctype1+4); data/montage-6.0+dfsg/util/Search/mSearch.c:1498:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", ctype1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1499:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", ctype2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1868:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(reorg, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:1916:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infofile, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:1940:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(oldname, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:1947:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(oldname, basefile); data/montage-6.0+dfsg/util/Search/mSearch.c:2017:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmd, cmdv[0]); data/montage-6.0+dfsg/util/Search/mSearch.c:2320:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, cmdv[1]); data/montage-6.0+dfsg/util/Search/mSearch.c:2321:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[2]); data/montage-6.0+dfsg/util/Search/mSearch.c:2699:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmt, "|%%%lds|%%10s|\n", ilen); data/montage-6.0+dfsg/util/Search/mSearch.c:2702:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. fprintf(fsum, fmt, "identifier", "count"); data/montage-6.0+dfsg/util/Search/mSearch.c:2709:16: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fsum, fmt, singleId, setcount[0].srcmatch); data/montage-6.0+dfsg/util/Search/mSearch.c:2723:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_hdr_string); data/montage-6.0+dfsg/util/Search/mSearch.c:2733:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_typ_string); data/montage-6.0+dfsg/util/Search/mSearch.c:2745:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_rec_string); data/montage-6.0+dfsg/util/Search/mSearch.c:2798:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[1]); data/montage-6.0+dfsg/util/Search/mSearch.c:2829:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fmt, "|%%%lds|%%10s|\n", ilen); data/montage-6.0+dfsg/util/Search/mSearch.c:2832:13: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
fprintf(fsum, fmt, "identifier", "count"); data/montage-6.0+dfsg/util/Search/mSearch.c:2847:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_hdr_string); data/montage-6.0+dfsg/util/Search/mSearch.c:2857:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_typ_string); data/montage-6.0+dfsg/util/Search/mSearch.c:2882:19: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fsum, fmt, singleId, setcount[i].match); data/montage-6.0+dfsg/util/Search/mSearch.c:2887:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outstr, tbl_rec_string); data/montage-6.0+dfsg/util/Search/mSearch.c:2946:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(setName, cmdv[1]); data/montage-6.0+dfsg/util/Search/mSearch.c:2967:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[1]); data/montage-6.0+dfsg/util/Search/mSearch.c:2969:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(summary, cmdv[2]); data/montage-6.0+dfsg/util/Search/mSearch.c:2985:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, path); data/montage-6.0+dfsg/util/Search/mSearch.c:2991:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tblfile, set[subsetSetid].file); data/montage-6.0+dfsg/util/Search/mSearch.c:3071:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, cmdv[1]); data/montage-6.0+dfsg/util/Search/mSearch.c:3076:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(setName, cmdv[2]); data/montage-6.0+dfsg/util/Search/mSearch.c:3091:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, path); data/montage-6.0+dfsg/util/Search/mSearch.c:3097:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tblfile, set[i].file); data/montage-6.0+dfsg/util/Search/mSearch.c:3123:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(refNames, tbl_hdr_string); data/montage-6.0+dfsg/util/Search/mSearch.c:3127:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(refTypes, tbl_typ_string); data/montage-6.0+dfsg/util/Search/mSearch.c:3128:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(refUnits, tbl_uni_string); data/montage-6.0+dfsg/util/Search/mSearch.c:3129:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(refNulls, tbl_nul_string); data/montage-6.0+dfsg/util/Search/mSearch.c:3132:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(refBlank, refNames); data/montage-6.0+dfsg/util/Search/mSearch.c:3150:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[2]); data/montage-6.0+dfsg/util/Search/mSearch.c:3152:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(summary, cmdv[3]); data/montage-6.0+dfsg/util/Search/mSearch.c:3167:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(tblBlank, tbl_hdr_string); data/montage-6.0+dfsg/util/Search/mSearch.c:4066:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(out_string, tbl_rec_string); data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:106:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(itmpl, argv[optind]); data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:107:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(otmpl, argv[optind+1]); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:22:7: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). char *mktemp(char *template); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:116:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outfile, optarg); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:134:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tblfile, argv[optind]); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:135:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(survey, argv[optind+1]); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:136:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(band, argv[optind+2]); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:137:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sizestr, argv[optind+3]); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:140:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(workspace, argv[optind+4]); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:145:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(workspace, mktemp(template)); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:145:25: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). strcpy(workspace, mktemp(template)); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:150:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp, cwd); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:158:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(temp, workspace); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:160:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(workspace, temp); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:171:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(hdrFile, mktemp(template)); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:171:20: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). strcpy(hdrFile, mktemp(template)); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:250:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(locstr, tval(iname)); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:253:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rastr, tval(ira)); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:254:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(decstr, tval(idec)); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:278:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(locstr, "%s %s", rastr, decstr); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:293:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(lblstr, tval(iname)); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:295:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(lblstr, locstr); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:298:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(namestr, locstr); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:300:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(directory, workspace); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:305:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dirstr, lblstr); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:314:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(directory, dirstr); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:319:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mHdr \"%s\" %s %s", locstr, sizestr, hdrFile); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:329:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:347:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mExec -x -L \"%s\" -O \"%s\" -l -f %s %s %s %s", data/montage-6.0+dfsg/util/TblExec/mTblExec.c:350:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mExec -L \"%s\" -O \"%s\" -l -f %s %s %s %s", data/montage-6.0+dfsg/util/TblExec/mTblExec.c:361:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( status, svc_value( "stat" )); data/montage-6.0+dfsg/util/Transpose/mTranspose.c:135:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(statfile, argv[i+1]); data/montage-6.0+dfsg/util/Transpose/mTranspose.c:186:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inputFile, argv[1]); data/montage-6.0+dfsg/util/Transpose/mTranspose.c:194:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(outputFile, argv[2]); data/montage-6.0+dfsg/util/Transpose/mTranspose.c:210:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(errstr, "Input image file %s missing or invalid FITS", inputFile); data/montage-6.0+dfsg/util/Transpose/mTranspose.c:599:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newcard, checkKeyword(keyname, card, naxis)); data/montage-6.0+dfsg/util/Transpose/mTranspose.c:856:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(retstr, card); data/montage-6.0+dfsg/util/Transpose/mTranspose.c:858:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(wcskey, wcs[i]); data/montage-6.0+dfsg/util/Transpose/mTranspose.c:886:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(retstr, card); data/montage-6.0+dfsg/util/Viewer/grid.c:975:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(label, dstr); data/montage-6.0+dfsg/util/Viewer/grid.c:981:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(label, mstr); data/montage-6.0+dfsg/util/Viewer/grid.c:991:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(label, sstr); data/montage-6.0+dfsg/util/Viewer/grid.c:1073:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(label, hstr); data/montage-6.0+dfsg/util/Viewer/grid.c:1083:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(label, mstr); data/montage-6.0+dfsg/util/Viewer/grid.c:1093:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(label, sstr); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:187:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayfile, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:196:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayminstr, argv[i+2]); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:197:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(graymaxstr, argv[i+3]); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:222:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(graybetastr, argv[i+5]); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:275:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(histfile, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:616:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(fontfile, FONT_DIR); data/montage-6.0+dfsg/util/Viewer/mViewer.c:619:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fontfile, getenv("MONTAGE_FONT_DIR")); data/montage-6.0+dfsg/util/Viewer/mViewer.c:749:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorstr, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:892:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(label[nlabel].text, argv[i+3]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1109:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(scaleColumn, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1143:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorColumn, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1160:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(symSizeColumn, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1177:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(symShapeColumn, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1194:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(labelColumn, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1215:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cat[ncat].scaleColumn, scaleColumn); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1217:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].file, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1222:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cat[ncat].scaleColumn, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1256:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].colorColumn, colorColumn); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1257:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].labelColumn, labelColumn); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1258:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].symSizeColumn, symSizeColumn); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1259:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].symShapeColumn, symShapeColumn); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1320:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].file, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1339:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cat[ncat].colorColumn, colorColumn); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1385:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(statusfile, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1411:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayfile, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1435:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayhistfile, argv[i+3]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1440:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(grayminstr, argv[i+2]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1441:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(graymaxstr, argv[i+3]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1466:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(graybetastr, argv[i+5]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1535:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redfile, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1559:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redhistfile, argv[i+3]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1565:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redminstr, argv[i+2]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1566:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(redmaxstr, argv[i+3]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1591:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(redbetastr, argv[i+5]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1659:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenfile, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1683:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenhistfile, argv[i+3]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1689:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenminstr, argv[i+2]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1690:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenmaxstr, argv[i+3]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1715:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenbetastr, argv[i+5]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1783:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bluefile, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1807:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(bluehistfile, argv[i+3]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1813:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(blueminstr, argv[i+2]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1814:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bluemaxstr, argv[i+3]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1839:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(bluebetastr, argv[i+5]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1908:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pngfile, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1924:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(jpegfile, argv[i+1]); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1966:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenfile, redfile); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1973:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(greenminstr, redminstr); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1974:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenmaxstr, redmaxstr); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1978:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(greenbetastr, redbetastr); data/montage-6.0+dfsg/util/Viewer/mViewer.c:3987:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorstr, tval(icolor)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4003:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(symbolstr, tval(isymsize)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4048:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(symbolstr, tval(isymshape)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4136:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(labelstr, tval(ilabel)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4267:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(colorstr, tval(icolor)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4293:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(im_ctype1, tval(ictype1)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4294:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(im_ctype2, tval(ictype2)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4316:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE1 = '%s'", im_ctype1 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4317:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp, "CTYPE2 = '%s'", im_ctype2 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4695:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorstr, colorin); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4698:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colorstr, colorin+1); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5679:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
sscanf(line, "%s %d", label, type); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5684:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf %lf", label, minval, maxval); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5689:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf %lf", label, datamin, datamax); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5692:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf %lf", label, median, sigma); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5696:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf", label, &rmin); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5699:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf", label, &rmax); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5702:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf", label, &delta); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5705:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
sscanf(line, "%s %lu", label, &npix); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5712:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf", label, dataval+i); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5721:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(line, "%s %lf %d %lf %lf", label, datalev+i, hist+i, chist+i, gausslev+i); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5895:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5994:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5997:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5999:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(line, " <rdf:RDF xmlns:rdf=\"http://www.w3.org/1999/02/22-rdf-syntax-ns#\">\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6000:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:Description rdf:about=\"\"\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6001:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " xmlns:avm=\"http://www.communicatingastronomy.org/avm/1.0/\">\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6002:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:MetadataVersion>1.1</avm:MetadataVersion>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6003:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Type>Observation</avm:Type>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6004:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.Quality>Full</avm:Spatial.Quality>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6005:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(line, " <avm:Spatial.CoordinateFrame>%s</avm:Spatial.CoordinateFrame>\n", csys); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6005:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.CoordinateFrame>%s</avm:Spatial.CoordinateFrame>\n", csys); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6006:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.Equinox>%.1f</avm:Spatial.Equinox>\n", equinox); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6007:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(line, " <avm:Spatial.CoordsystemProjection>%s</avm:Spatial.CoordsystemProjection>\n", proj); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6007:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.CoordsystemProjection>%s</avm:Spatial.CoordsystemProjection>\n", proj); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6008:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(line, " <avm:Spatial.Rotation>%.10e</avm:Spatial.Rotation>\n", crota2); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6009:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.ReferenceDimension>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6010:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6011:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%d</rdf:li>\n", naxis1); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6012:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%d</rdf:li>\n", naxis2); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6013:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6014:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(line, " </avm:Spatial.ReferenceDimension>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6015:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.ReferenceValue>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6016:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6017:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crval1); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6018:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crval2); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6019:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6020:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(line, " </avm:Spatial.ReferenceValue>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6021:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.ReferencePixel>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6022:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6023:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crpix1); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6024:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crpix2); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6025:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6026:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(line, " </avm:Spatial.ReferencePixel>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6027:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <avm:Spatial.Scale>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6028:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6029:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", xinc); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6030:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " <rdf:li>%.10e</rdf:li>\n", yinc); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6031:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6032:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
sprintf(line, " </avm:Spatial.Scale>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6033:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:Description>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6034:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, " </rdf:RDF>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6035:109: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). sprintf(line, "</x:xmpmeta>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6040:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(comment, line); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:90:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpname, argv[1]); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:91:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(directory, argv[2]); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:125:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
  sprintf(url, "http://tapvizier.u-strasbg.fr/TAPVizieR/tap/tables/%s", catname);
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:136:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(xmlfile, directory);
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:138:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(xmlfile, filename);
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:218:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tblname, xmlinfo_value(tag));
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:220:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmpname, tblname);
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:226:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tabfile, "%s/%s.tab", directory, tmpname);
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:227:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tblfile, "%s/%s.tbl", directory, tmpname);
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:229:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(table[i], "%s.tbl", tmpname);
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:267:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, xmlinfo_value(tag));
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:273:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(description, xmlinfo_value(tag));
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:278:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(unit, xmlinfo_value(tag));
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:283:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(utype, xmlinfo_value(tag));
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:288:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ucd, xmlinfo_value(tag));
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:293:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dataType, xmlinfo_value(tag));
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:308:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(flagval, xmlinfo_value(tag));
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:328:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "tab2tbl -h 1 %s %s", tabfile, tblfile);
data/montage-6.0+dfsg/web/mTAP/tapColumns.c:338:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( status, svc_value( "stat" ));
data/montage-6.0+dfsg/web/mTAP/tapResults.c:64:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ref, argv[1]);
data/montage-6.0+dfsg/web/mTAP/tapResults.c:65:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(outfile, argv[2]);
data/montage-6.0+dfsg/web/mTAP/tapResults.c:71:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(url, "http://tapvizier.u-strasbg.fr/TAPVizieR/tap/async/%s/results/result", ref);
data/montage-6.0+dfsg/web/mTAP/tapStatus.c:66:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ref, argv[1]);
data/montage-6.0+dfsg/web/mTAP/tapStatus.c:72:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(url, "http://tapvizier.u-strasbg.fr/TAPVizieR/tap/async/%s", ref);
data/montage-6.0+dfsg/web/mTAP/tapStatus.c:148:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(status, xmlinfo_value("uws:job.uws:phase"));
data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:55:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(adql, line);
data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:68:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(url, "lang=adql&request=doQuery&PHASE=RUN&query=%s", url_encode(adql));
data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:164:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(locationStr, begin);
data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:35:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (fname_in, fname);
data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:44:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (filePath, directory);
data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:60:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filePath, fname);
data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:75:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filePath, fname);
data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:77:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (str, fname);
data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:80:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (fname, cptr+1);
data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:94:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (str, fname_in);
data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:107:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (suffix, cptr+1);
data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:115:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (rootname, str);
data/montage-6.0+dfsg/web/mViewer/colorLookup.c:81:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (colorstr, Colorval[l]);
data/montage-6.0+dfsg/web/mViewer/colorLookup.c:107:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (colorstr, Hexval[l]);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:103:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (hexval, &color[1]);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:107:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (colorlowercase, color);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:119:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (str, defaultcolor[l]);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:121:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (hexcolor, &defaultHexcolor[l][1]);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:142:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (hexval, &defaultHexcolor[indx][1]);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:204:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"baseurl\": \"%s\",\n", param->baseURL);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:205:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:207:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"helphtml\": \"%s\",\n", param->helphtml);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:208:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:209:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"cmd\": \"%s\",\n", param->cmd);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:210:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:224:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:227:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:229:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, " \"datadir\": \"%s\",\n", param->cubedatadir);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:230:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:232:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, " \"fitsfile\": \"%s\",\n", param->imcubefile);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:233:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:235:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, " \"planeavemode\": \"%s\",\n", param->planeavemode);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:236:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:239:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:241:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:243:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:246:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:248:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:251:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:258:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:260:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:284:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:286:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"imagename\": \"%s\",\n", param->imname);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:287:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:300:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"file\": \"%s\",\n", param->jpgfile);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:301:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:304:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"reffile\": \"%s\",\n", param->refjpgfile);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:305:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:308:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"imagetype\": \"%s\",\n", param->imageType);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:309:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:312:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:314:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:319:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:321:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:326:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:328:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:330:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:333:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"imsys\": \"%s\",\n", param->imcsys);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:334:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:344:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:359:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:362:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:364:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"datadir\": \"%s\",\n", param->imdatadir);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:365:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:367:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"fitsfile\": \"%s\",\n", param->grayFile);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:368:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:370:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"cutoutfile\": \"%s\",\n", param->subsetimfile);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:371:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:372:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"shrunkfile\": \"%s\",\n", param->shrunkimfile);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:373:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:391:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:393:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"stretchmin\": \"%s\",\n", param->stretchMin);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:394:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:395:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"stretchmax\": \"%s\",\n", param->stretchMax);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:396:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:397:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"stretchmode\": \"%s\",\n", param->stretchMode);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:398:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:400:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"datamin\": \"%s\",\n", param->datamin);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:401:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:402:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"datamax\": \"%s\",\n", param->datamax);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:403:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:405:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"percmin\": \"%s\",\n", param->percminstr);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:406:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:407:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"percmax\": \"%s\",\n", param->percmaxstr);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:408:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:410:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"sigmamin\": \"%s\",\n", param->sigmaminstr);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:411:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:412:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"sigmamax\": \"%s\",\n", param->sigmamaxstr);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:413:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:415:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"dispmin\": \"%s\",\n", param->minstr);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:416:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:417:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"dispmax\": \"%s\",\n", param->maxstr);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:418:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:421:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:423:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:425:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, " \"bunit\": \"%s\"\n", param->bunit);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:426:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:429:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (retstr, str);
data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:431:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:455:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:458:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:460:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"datadir\": \"%s\",\n", param->imdatadir); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:461:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:463:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"fitsFile\": \"%s\",\n", param->redFile); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:464:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:466:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (str, " \"cutoutFile\": \"%s\",\n", param->subsetredfile); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:467:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:468:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"shrunkFile\": \"%s\",\n", param->shrunkredfile); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:469:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:471:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"stretchMin\": \"%s\",\n", param->redMin); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:472:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:473:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"stretchMax\": \"%s\",\n", param->redMax); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:474:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:475:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"stretchMode\": \"%s\",\n", param->redMode); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:476:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:478:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dataMin\": \"%s\",\n", param->reddatamin); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:479:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:480:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dataMax\": \"%s\",\n", param->reddatamax); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:481:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:483:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"percMin\": \"%s\",\n", param->redpercminstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:484:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:485:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"percMax\": \"%s\",\n", param->redpercmaxstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:486:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:488:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"sigmaMin\": \"%s\",\n", param->redsigmaminstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:489:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:490:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"sigmaMax\": \"%s\",\n", param->redsigmamaxstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:491:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:493:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (str, " \"dispMin\": \"%s\",\n", param->redminstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:494:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:495:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dispMax\": \"%s\",\n", param->redmaxstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:496:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:504:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:506:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:507:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"bunit\": \"%s\"\n", param->bunit); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:508:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:521:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:534:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:537:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:540:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:542:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"fitsFile\": \"%s\",\n", param->greenFile); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:543:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:545:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (str, " \"cutoutFile\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:547:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:548:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"shrunkFile\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:550:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:552:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"stretchMin\": \"%s\",\n", param->greenMin); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:553:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:554:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"stretchMax\": \"%s\",\n", param->greenMax); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:555:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:556:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"stretchMode\": \"%s\",\n", param->greenMode); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:557:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:559:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dataMin\": \"%s\",\n", param->grndatamin); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:560:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:561:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dataMax\": \"%s\",\n", param->grndatamax); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:562:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:564:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"percMin\": \"%s\",\n", param->grnpercminstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:565:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:566:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"percMax\": \"%s\",\n", param->grnpercmaxstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:567:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:569:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"sigmaMin\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:571:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:572:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"sigmaMax\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:574:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:576:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (str, " \"dispMin\": \"%s\",\n", param->grnminstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:577:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:578:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dispMax\": \"%s\"\n", param->grnmaxstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:579:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:582:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:598:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:601:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:604:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:606:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"fitsFile\": \"%s\",\n", param->blueFile); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:607:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:609:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"cutoutFile\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:611:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:612:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"shrunkFile\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:614:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:616:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (str, " \"stretchMin\": \"%s\",\n", param->blueMin); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:617:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:618:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"stretchMax\": \"%s\",\n", param->blueMax); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:619:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:620:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"stretchMode\": \"%s\",\n", param->blueMode); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:621:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:623:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dataMin\": \"%s\",\n", param->bluedatamin); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:624:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:625:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dataMax\": \"%s\",\n", param->bluedatamax); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:626:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:628:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"percMin\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:630:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:631:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"percMax\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:633:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:635:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"sigmaMin\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:637:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:638:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"sigmaMax\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:640:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:642:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dispMin\": \"%s\",\n", param->blueminstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:643:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:644:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dispMax\": \"%s\"\n", param->bluemaxstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:645:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:649:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:667:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:670:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:672:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"cutoutfile\": \"%s\",\n", param->subsetimfile); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:673:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:682:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:684:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:688:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:690:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:694:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:696:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:702:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:704:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:706:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:708:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:711:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:720:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:723:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:730:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:732:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:734:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:736:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:742:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:743:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"picksys\": \"%s\",\n", param->pickcsys); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:744:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:747:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:749:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:752:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:754:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:756:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"sexrapick\": \"%s\",\n", param->sexrapick); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:757:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:758:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"sexdecpick\": \"%s\"\n", param->sexdecpick); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:759:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:762:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:784:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:787:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:789:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->jsonStr, retstr); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:804:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:807:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:810:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:824:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (layervis, param->overlay[l].visible); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:832:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (layertype, param->overlay[l].type); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:833:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (layercolor, param->overlay[l].color); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:834:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (layercsys, param->overlay[l].coordSys); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:856:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:859:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:861:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"coordsys\": \"%s\",\n", layercsys); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:862:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:868:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (hexcolor, &defaultHexcolor[4][1]); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:881:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (hexcolor, layercolor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:890:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"color\": \"%s\",\n", hexcolor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:891:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:899:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:903:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:906:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:915:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (symtype, param->overlay[l].symType); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:916:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (symsize, param->overlay[l].symSize); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:917:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (location, param->overlay[l].location); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:928:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:931:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:934:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:936:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"symtype\": \"%s\",\n", symtype); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:937:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:940:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"symsize\": \"%s\",\n", symsize); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:941:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:944:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"location\": \"%s\",\n", location); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:945:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:964:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (hexcolor, layercolor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:974:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"color\": \"%s\",\n", hexcolor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:975:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:982:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:986:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:989:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:995:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (layerfilename, param->overlay[l].dataFile); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:996:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (symtype, param->overlay[l].symType); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:997:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (symside, param->overlay[l].symSide); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:998:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (symsize, param->overlay[l].symSize); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:999:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (datacol, param->overlay[l].dataCol); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1000:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (dataref, param->overlay[l].dataRef); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1001:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (datatype, param->overlay[l].dataType); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1016:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1019:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1022:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1024:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"datadir\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1026:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1028:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"datafile\": \"%s\",\n", layerfilename); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1029:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1041:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (hexcolor, layercolor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1049:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"color\": \"%s\",\n", hexcolor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1050:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1052:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"symtype\": \"%s\",\n", symtype); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1053:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1055:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"symsize\": \"%s\",\n", symsize); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1056:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1057:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"symside\": \"%s\",\n", symside); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1058:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1063:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"datacol\": \"%s\",\n", datacol); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1064:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1066:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"dataref\": \"%s\",\n", dataref); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1067:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1069:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"datatype\": \"%s\",\n", datatype); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1070:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1078:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1082:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1085:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1091:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (layerfilename, param->overlay[l].dataFile); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1099:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1102:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1105:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1107:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"datadir\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1109:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1111:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (str, " \"datafile\": \"%s\",\n", layerfilename); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1112:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1124:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (hexcolor, layercolor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1132:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"color\": \"%s\",\n", hexcolor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1133:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1140:21: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1145:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1148:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1155:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1158:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1161:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1167:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (hexcolor, &defaultHexcolor[4][1]); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1179:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (hexcolor, layercolor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1187:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"color\": \"%s\",\n", hexcolor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1188:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1190:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"location\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1192:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1194:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (str, " \"text\": \"%s\",\n", data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1196:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1202:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1206:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1209:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1214:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1216:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1219:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (retstr, str); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1228:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->jsonStr, retstr); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:135:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to open FITS file [%s]\n", cubepath); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:154:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "fname [%s] doesn't contain any HDU", cubepath); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:366:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (cmd, "unlink %s", impath); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:367:12: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). 
try using a library call that implements the same functionality if available. istatus = system (cmd); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:376:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to create output fitsfile [%s]\n", impath); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:420:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to close cubepath [%s]\n", cubepath); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:439:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to open FITS file [%s]\n", cubepath); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:573:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to close cubepath [%s]\n", cubepath); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:579:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to close impath [%s]\n", impath); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:74:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(baseurl, config_value("ISIS_WORKURL")); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:82:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(directory, config_value("ISIS_WORKDIR")); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:96:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->workspace, strtrim(keyword_value("workspace"))); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:104:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param->directory, "%s/%s", directory, param->workspace); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:105:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param->baseURL, "%s/%s", baseurl, param->workspace); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:124:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(param->jsonStr, strtrim(keyword_value("json"))); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:171:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->helphtml, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:186:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->imname, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:200:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param->imageType, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:221:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->canvasWidthStr, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:240:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->canvasHeightStr, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:259:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->refWidthStr, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:278:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->refHeightStr, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:394:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->subsetimfile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:562:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->imcsys, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:578:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param->objname, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:594:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->filter, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:610:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->pixscale, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:811:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->sexrapick, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:826:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->sexdecpick, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:860:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->pickcsys, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:902:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->cubedatadir, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:911:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param->imcubefile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:920:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->planeavemode, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1088:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->bunit, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1101:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->imdatadir, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1114:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->grayFile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1129:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->shrunkimfile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1139:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->colorTable, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1149:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param->stretchMode, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1159:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->datamin, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1168:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->datamax, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1178:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->minstr, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1187:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->maxstr, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1197:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->percminstr, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1206:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->percmaxstr, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1217:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param->sigmaminstr, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1226:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->sigmamaxstr, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1237:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->stretchMin, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1247:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->stretchMax, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1307:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->redFile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1317:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->subsetredfile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1326:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->shrunkredfile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1336:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param->redMode, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1346:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->redMin, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1357:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->redMax, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1403:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->bunit, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1432:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->greenFile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1441:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->greenMode, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1451:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->greenMin, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1461:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param->greenMax, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1470:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->subsetimfile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1479:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->shrunkimfile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1510:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->blueFile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1521:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->blueMode, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1532:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->blueMin, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1544:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->blueMax, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1552:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param->subsetimfile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1561:21: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->shrunkimfile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1644:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].type, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1659:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].visible, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1693:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].color, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1713:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].coordSys, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1732:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].datadir, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1752:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].dataFile, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1767:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].coordSys, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1789:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].symType, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1807:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].symSide, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1826:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].symSide, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1844:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].dataCol, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1862:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param->overlay[l].dataType, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1880:18: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].dataRef, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1905:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].symType, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1922:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].location, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1938:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].symSize, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1955:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].symSize, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1974:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].location, str); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1990:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->overlay[l].text, str); data/montage-6.0+dfsg/web/mViewer/fileCopy.c:34:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (cmd, "copyfile %s %s", fromfile, tofile); data/montage-6.0+dfsg/web/mViewer/fileCopy.c:49:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to copyfile: cmd= [%s]", cmd); data/montage-6.0+dfsg/web/mViewer/fileCopy.c:53:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (status, svc_value("stat")); data/montage-6.0+dfsg/web/mViewer/fileCopy.c:63:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to copyfile: cmd= [%s]", cmd); data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:151:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to open FITS file [%s]\n", cubepath); data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:171:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "fname [%s] doesn't contain any HDU", cubepath); data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:544:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (cmd, "unlink %s", impath); data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:545:19: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
istatus = system (cmd); data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:552:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to create output fitsfile [%s]\n", data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:644:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to close cubepath [%s]\n", cubepath); data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:656:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to close impath [%s]\n", impath); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:85:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (hdr->errmsg, "Failed to open FITS file [%s]\n", fname); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:104:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (hdr->errmsg, "fname [%s] doesn't contain any HDU", fname); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:231:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "keyword %s not found in fits header", key); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:244:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to convert %s string to integer", str); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:409:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (hdr->cunit[l], str); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:443:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (hdr->ctype[l], str); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:485:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to convert %s string to double", str); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:531:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to convert %s string to double", str); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:576:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to convert %s string to double", str); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:664:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (str, hdr->ctype[l]); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:857:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to convert %s string to double", data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:925:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to convert %s string to double", data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:1061:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (epochstr, hdr->equinoxstr); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:1065:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (epochstr, hdr->epochstr); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:1070:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (hdr->epochstr, "b%s", epochstr); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:1082:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (hdr->epochstr, "j%s", epochstr); data/montage-6.0+dfsg/web/mViewer/imZoom.c:686:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (redpath, param->redPath); data/montage-6.0+dfsg/web/mViewer/imZoom.c:687:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (grnpath, param->greenPath); data/montage-6.0+dfsg/web/mViewer/imZoom.c:688:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (bluepath, param->bluePath); data/montage-6.0+dfsg/web/mViewer/imZoom.c:691:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param->subsetredfile, "%s_cutout_%s", data/montage-6.0+dfsg/web/mViewer/imZoom.c:694:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (subsetredpath, "%s/%s", data/montage-6.0+dfsg/web/mViewer/imZoom.c:698:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param->subsetgrnfile, "%s_cutout_%s", data/montage-6.0+dfsg/web/mViewer/imZoom.c:701:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (subsetgrnpath, "%s/%s", data/montage-6.0+dfsg/web/mViewer/imZoom.c:705:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param->subsetbluefile, "%s_cutout_%s", data/montage-6.0+dfsg/web/mViewer/imZoom.c:708:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (subsetbluepath, "%s/%s", data/montage-6.0+dfsg/web/mViewer/imZoom.c:779:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (graypath, param->grayPath); data/montage-6.0+dfsg/web/mViewer/imZoom.c:783:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param->subsetimfile, "%s_cutout.fits", data/montage-6.0+dfsg/web/mViewer/imZoom.c:787:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (subsetimpath, "%s/%s", data/montage-6.0+dfsg/web/mViewer/makeImage.c:242:15: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (impath, param->grayPath); data/montage-6.0+dfsg/web/mViewer/makeImage.c:247:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
  sprintf (impath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:251:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (impath, param->grayPath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:263:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (redpath, param->redPath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:266:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (grnpath, param->greenPath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:269:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bluepath, param->bluePath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:272:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (impath, param->redPath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:277:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (redpath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:280:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (impath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:284:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (redpath, param->redPath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:285:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (impath, param->redPath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:290:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (grnpath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:294:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (grnpath, param->greenPath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:299:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (bluepath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:303:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bluepath, param->bluePath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:323:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:409:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (shrunkimpath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:414:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (shrunkimpath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:424:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (cmd, "mShrink %s %s %.6f", impath, shrunkimpath, factor);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:439:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:445:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:450:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (status, svc_value("stat"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:459:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:479:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (shrunkredpath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:484:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (shrunkredpath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:489:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (cmd, "mShrink %s %s %.6f", redpath, shrunkredpath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:506:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:512:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:517:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (status, svc_value("stat"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:521:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:536:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (shrunkgrnpath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:541:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (shrunkgrnpath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:546:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (cmd, "mShrink %s %s %.6f", grnpath, shrunkgrnpath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:562:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:568:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:573:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (status, svc_value("stat"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:577:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:592:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (shrunkbluepath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:597:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (shrunkbluepath, "%s/%s", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:602:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (cmd, "mShrink %s %s %.6f", bluepath, shrunkbluepath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:618:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:624:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:629:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (status, svc_value("stat"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:633:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:709:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (stretchMin, param->stretchMin);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:716:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (stretchMax, param->stretchMax);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:719:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-grey %s %s %s %s ", shrunkimpath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:721:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:723:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-grey %s %s %s %s ", shrunkrefimpath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:725:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:745:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-red %s %s %s %s ", shrunkredpath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:747:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:749:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-red %s %s %s %s ", shrunkrefredpath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:751:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:753:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-green %s %s %s %s ", shrunkgrnpath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:755:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:757:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-green %s %s %s %s ", shrunkrefgrnpath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:759:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:761:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-blue %s %s %s %s ", shrunkbluepath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:763:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:765:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-blue %s %s %s %s ", shrunkrefbluepath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:767:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:839:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (layertype, param->overlay[l].type);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:840:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (visible, param->overlay[l].visible);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:864:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (color, param->overlay[l].color);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:869:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-color %s ", color);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:870:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:871:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:881:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-grid %s ", param->overlay[l].coordSys);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:882:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:883:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:888:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-csys %s ", param->overlay[l].coordSys);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:889:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:890:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:892:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-color %s ", color);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:893:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:894:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:944:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg, "Cannot find overlay datafile [%s] "
data/montage-6.0+dfsg/web/mViewer/makeImage.c:950:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (filepath, param->overlay[l].dataPath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:972:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (symtype, param->overlay[l].symType);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:973:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (symside, param->overlay[l].symSide);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1007:18: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-symbol %s %s ",
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1011:18: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-symbol %s %s %s ",
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1015:21: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1016:21: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1021:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-catalog %s ", filepath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1024:18: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-catalog %s %s %s %s ", filepath,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1030:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1031:21: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1040:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-imginfo %s ", filepath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1041:21: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1042:21: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1048:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-color %s ", color);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1049:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1050:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1052:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-symbol %s %s -mark %s ",
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1056:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1057:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1061:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-color %s ", color);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1062:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1063:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1065:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "-label %s \"%s\"",
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1069:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (paramstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1070:17: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (refParamstr, str);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1098:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (jpgpath, "%s/%s_orig.png", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1101:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (cmd,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1106:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (jpgpath, "%s/%s_orig.jpg", param->directory,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1109:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (cmd,
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1127:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (status, svc_value("stat"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1136:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg, "Failed to run mViewer: %s.",
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1149:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (param->datamin, svc_value("datamin"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1153:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (param->datamax, svc_value("datamax"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1169:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->jpgfile, "%s.png", param->imageFile);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1170:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (jpgpath, "%s/%s", param->directory, param->jpgfile);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1171:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (cmd, "%s %s -png %s", prog, paramstr, jpgpath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1174:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->jpgfile, "%s.jpg", param->imageFile);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1175:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (jpgpath, "%s/%s", param->directory, param->jpgfile);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1176:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (cmd, "%s %s -out %s", prog, paramstr, jpgpath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1188:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->jpgfile, "%s.png", param->imageFile);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1189:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (refjpgpath, "%s/%s",
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1191:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (cmd, "%s %s -png %s", prog, refParamstr, refjpgpath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1194:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->refjpgfile, "%s_ref.jpg", param->imageFile);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1195:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (refjpgpath, "%s/%s",
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1197:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (cmd, "%s %s -out %s", prog, refParamstr, refjpgpath);
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1228:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (status, svc_value("stat"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1237:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (param->errmsg, "Failed to run mViewer: %s.",
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1267:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (param->xflipstr, svc_value("xflip"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1276:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (param->yflipstr, svc_value("yflip"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1292:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (param->blueminstr, svc_value("bmin"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1296:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (param->bluepercminstr, svc_value("bminpercent"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1300:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (param->bluesigmaminstr, svc_value("bminsigma"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1304:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (param->bluemaxstr, svc_value("bmax"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1308:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (param->bluepercmaxstr, svc_value("bmaxpercent"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1312:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (param->bluesigmamaxstr, svc_value("bmaxsigma"));
data/montage-6.0+dfsg/web/mViewer/makeImage.c:1318:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy (param->bluedatamin, svc_value("bdatamin")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1322:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->bluedatamax, svc_value("bdatamax")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1341:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->grnminstr, svc_value("gmin")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1345:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->grnpercminstr, svc_value("gminpercent")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1349:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->grnsigmaminstr, svc_value("gminsigma")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1353:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->grnmaxstr, svc_value("gmax")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1357:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->grnpercmaxstr, svc_value("gmaxpercent")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1361:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->grnsigmamaxstr, svc_value("gmaxsigma")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1366:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->grndatamin, svc_value("gdatamin")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1370:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->grndatamax, svc_value("gdatamax")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1386:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->redminstr, svc_value("rmin")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1390:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->redpercminstr, svc_value("rminpercent")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1394:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->redsigmaminstr, svc_value("rminsigma")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1398:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param->redmaxstr, svc_value("rmax")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1402:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->redpercmaxstr, svc_value("rmaxpercent")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1406:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->redsigmamaxstr, svc_value("rmaxsigma")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1411:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->reddatamin, svc_value("rdatamin")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1415:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->reddatamax, svc_value("rdatamax")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1438:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (datamin, svc_value("datamin")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1442:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (datamax, svc_value("datamax")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1454:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->minstr, svc_value("min")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1458:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->percminstr, svc_value("minpercent")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1462:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->sigmaminstr, svc_value("minsigma")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1467:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->maxstr, svc_value("max")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1471:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->percmaxstr, svc_value("maxpercent")); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1475:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->sigmamaxstr, svc_value("maxsigma")); data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:77:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to open HTML file [%s].", htmlpath); data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:169:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (str, &strval[i]); data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:177:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to convert [%s] to an integer.", strval); data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:197:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to convert [%s] to a double.", strval); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:222:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmd, strtrim(keyword_value("cmd"))); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:232:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param.cmd , cmd); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:333:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.errmsg, "Cannot find required FITS image file " data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:357:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.grayPath, "%s/%s", param.directory, param.grayFile); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:435:14: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.errmsg, data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:506:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (impath, param.grayPath); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:652:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.errmsg, data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:658:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (impath, param.redPath); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:671:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (str, param.grayFile); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:674:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (str, param.redFile); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:683:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param.imageFile, str); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:722:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.jpgfile, "%s.jpg", param.imageFile); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:723:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.refjpgfile, "%s_ref.jpg", param.imageFile); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:747:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (param.shrunkimfile, "%s_shrunk.fits", data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:751:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.shrunkRefimfile, "%s_shrunkref.fits", data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:775:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.shrunkredfile, "%s_shrunk_%s", data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:778:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.shrunkRefredfile, "%s_shrunkref_%s", data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:782:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.shrunkgrnfile, "%s_shrunk_%s", data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:785:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.shrunkRefgrnfile, "%s_shrunkref_%s", data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:789:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.shrunkbluefile, "%s_shrunk_%s", data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:792:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.shrunkRefbluefile, "%s_shrunkref_%s", data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:873:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.errmsg, data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:890:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (param.bunit, hdr.bunit); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:908:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param.imcsys, "%s %s", hdr.csysstr, hdr.epochstr); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:70:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(workDir, config_value("ISIS_WORKDIR")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:76:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(baseURL, config_value("ISIS_WORKURL")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:110:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(wspace, keyword_value("workspace")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:114:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(wspace, keyword_value("ws")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:121:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fileName, keyword_value("file")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:128:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(directory, workDir); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:130:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(directory, wspace); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:133:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(baseURL, wspace); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:152:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fileBase, ptr); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:155:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (tmpstr, fileName); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:161:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (filePath, fileName); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:162:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (fileName, ptr+1); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:165:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (filePath, "%s/%s", directory, fileName); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:186:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mGetHdr %s %s/%s.hdr", filePath, directory, fileBase); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:195:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(status, svc_value("stat")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:200:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(hdrFile, "%s/%s.hdr", directory, fileBase); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:202:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(htmlFile, "%s/%s.html", directory, fileBase); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:222:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (url, "%s/%s.html", baseURL, fileBase); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:231:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (url, "{\"url\" : \"%s/%s.html\"}", baseURL, fileBase); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:61:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(workDir, config_value("ISIS_WORKDIR")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:90:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(wspace, keyword_value("ws")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:96:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(prefix, keyword_value("prefix")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:119:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(directory, workDir); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:121:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(directory, wspace); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:123:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(baseFile, directory); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:125:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(baseFile, file); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:127:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fileName, baseFile); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:149:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(fileName, "%s/updates.tbl", directory); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:151:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fileName, "%s/%s_updates.tbl", directory, prefix); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:213:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fileName, "%s/tables.tbl", directory); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:215:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fileName, "%s/%s_tables.tbl", directory, prefix); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:255:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpstr, tval(iname)); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:274:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(catName[ncat], tval(iname)); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:291:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fileName, "%s/labels.tbl", directory); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:293:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fileName, "%s/%s_labels.tbl", directory, prefix); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:329:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(colname, tval(iname)); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:330:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(label, tval(ilabel)); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:364:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(prevname, colname); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:386:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(colname, tval(iname)); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:387:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(offset, tval(ioffset)); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:418:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(prevname, colname); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:441:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(baseFile, "%s/%s", directory, catName[i]); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:64:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(workDir, config_value("ISIS_WORKDIR")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:70:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(baseURL, config_value("ISIS_WORKURL")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:102:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(wspace, keyword_value("ws")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:107:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fileName, keyword_value("file")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:119:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fileBase, ptr); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:122:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(x, keyword_value("x")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:127:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(y, keyword_value("y")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:132:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(radius, keyword_value("radius")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:157:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(directory, workDir); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:159:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(directory, wspace); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:162:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(baseURL, wspace); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:177:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "mExamine -p %sp %sp %sp %s/%s", x, y, radius, directory, fileBase); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:180:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(status, svc_value("stat")); data/montage-6.0+dfsg/web/mViewer/parseCsysstr.c:45:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (str, csysstrIn); data/montage-6.0+dfsg/web/mViewer/parseCsysstr.c:51:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (substr, cptr+1); data/montage-6.0+dfsg/web/mViewer/parseCsysstr.c:52:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (epochstr, strtrim(substr)); data/montage-6.0+dfsg/web/mViewer/parseCsysstr.c:55:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (csysstr, strtrim(str)); data/montage-6.0+dfsg/web/mViewer/parseCsysstr.c:86:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, data/montage-6.0+dfsg/web/mViewer/parseCsysstr.c:93:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (str, &epochstr[1]); data/montage-6.0+dfsg/web/mViewer/parseCsysstr.c:111:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to convert epoch string [%s] to double.", str); data/montage-6.0+dfsg/web/mViewer/pick.c:126:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Failed to open FITS file %s\n", fname); data/montage-6.0+dfsg/web/mViewer/pick.c:250:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (impath, "%s/%s", param->directory, param->shrunkredfile); data/montage-6.0+dfsg/web/mViewer/pick.c:252:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (impath, "%s/%s", param->directory, param->shrunkimfile); data/montage-6.0+dfsg/web/mViewer/pick.c:268:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (param->errmsg, data/montage-6.0+dfsg/web/mViewer/pick.c:295:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (imcsys, "%s %s", hdr.csysstr, hdr.epochstr); data/montage-6.0+dfsg/web/mViewer/pick.c:416:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->sexrapick, lonstr); data/montage-6.0+dfsg/web/mViewer/pick.c:417:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->sexdecpick, latstr); data/montage-6.0+dfsg/web/mViewer/pick.c:456:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (fpath, "%s/%s", data/montage-6.0+dfsg/web/mViewer/pick.c:467:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (fpath, "%s/%s", data/montage-6.0+dfsg/web/mViewer/pick.c:478:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (fpath, "%s/%s", data/montage-6.0+dfsg/web/mViewer/pick.c:516:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->bunit, hdr.bunit); data/montage-6.0+dfsg/web/mViewer/pick.c:566:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf (fpath, "%s/%s", param->directory, data/montage-6.0+dfsg/web/mViewer/pick.c:580:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (colname, tinfo(i)); data/montage-6.0+dfsg/web/mViewer/pick.c:719:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (rastr, strtrim(tval(icol_ra))); data/montage-6.0+dfsg/web/mViewer/pick.c:723:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (decstr, strtrim(tval(icol_dec))); data/montage-6.0+dfsg/web/mViewer/pick.c:806:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->mintbl, param->overlay[l].dataFile); data/montage-6.0+dfsg/web/mViewer/pick.c:925:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (colname, tinfo(i)); data/montage-6.0+dfsg/web/mViewer/pick.c:1044:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (rastr, strtrim(tval(icol_ra))); data/montage-6.0+dfsg/web/mViewer/pick.c:1048:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy (decstr, strtrim(tval(icol_dec))); data/montage-6.0+dfsg/web/mViewer/pick.c:1088:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (rastr, strtrim(tval(icollon[j]))); data/montage-6.0+dfsg/web/mViewer/pick.c:1092:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (decstr, strtrim(tval(icollat[j]))); data/montage-6.0+dfsg/web/mViewer/pick.c:1282:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (param->iminfoArr[niminfoarr]->filename, data/montage-6.0+dfsg/web/mViewer/pix2sky.c:44:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Cannot read FITS file %s\n", fname); data/montage-6.0+dfsg/web/mViewer/sky2pix.c:47:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Cannot read FITS file %s\n", fname); data/montage-6.0+dfsg/web/mViewer/subsetImage.c:73:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (cmd, "mSubimage -nowcs -p %s %s %15.8f %15.8f %5.2f %5.2f", data/montage-6.0+dfsg/web/mViewer/subsetImage.c:77:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (cmd, "mSubimage -p %s %s %15.8f %15.8f %5.2f %5.2f", data/montage-6.0+dfsg/web/mViewer/subsetImage.c:94:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (status, svc_value("stat")); data/montage-6.0+dfsg/web/mViewer/subsetImage.c:103:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (errmsg, svc_value("msg")); data/montage-6.0+dfsg/web/mViewer/writeFitshdrHtml.c:137:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(keyword, line); data/montage-6.0+dfsg/Montage/mAdd.c:164:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mAdd.c:433:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "enp:s:d:a:")) != EOF) data/montage-6.0+dfsg/Montage/mAddCube.c:54:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mAddCube.c:299:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((c = getopt(argc, argv, "enp:s:d:a:")) != EOF) data/montage-6.0+dfsg/Montage/mAddExec.c:64:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mAddExec.c:201:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "enp:s:d:a:x:y:o:q:")) != EOF) data/montage-6.0+dfsg/Montage/mBgExec.c:77:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mBgExec.c:148:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "np:s:d")) != EOF) data/montage-6.0+dfsg/Montage/mBgModel.c:76:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mBgModel.c:296:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((c = getopt(argc, argv, "ai:r:s:ld:")) != EOF) data/montage-6.0+dfsg/Montage/mDiff.c:63:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mDiff.c:172:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "nd:s:z:")) != EOF) data/montage-6.0+dfsg/Montage/mDiffExec.c:46:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mDiffExec.c:122:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "np:ds:")) != EOF) data/montage-6.0+dfsg/Montage/mDiffFitExec.c:31:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:116:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((ch = getopt(argc, argv, "klnp:ds:")) != EOF) data/montage-6.0+dfsg/Montage/mFitExec.c:53:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mFitExec.c:153:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "dls:")) != EOF) data/montage-6.0+dfsg/Montage/mFitplane.c:59:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mFitplane.c:157:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "b:d:ls:")) != EOF) data/montage-6.0+dfsg/Montage/mFlattenExec.c:47:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mFlattenExec.c:112:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((ch = getopt(argc, argv, "lnp:ds:")) != EOF) data/montage-6.0+dfsg/Montage/mGetHdr.c:37:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mGetHdr.c:84:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "ds:h:H")) != EOF) data/montage-6.0+dfsg/Montage/mHdrCheck.c:25:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mHdrCheck.c:65:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "h:s:o:")) != EOF) data/montage-6.0+dfsg/Montage/mHdrtbl.c:29:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mHdrtbl.c:92:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((c = getopt(argc, argv, "rcdbs:t:")) != -1) data/montage-6.0+dfsg/Montage/mImgtbl.c:47:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mImgtbl.c:158:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "ircCadbs:f:t:z")) != -1) data/montage-6.0+dfsg/Montage/mMakeHdr.c:71:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mMakeHdr.c:241:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "nd:e:s:P:p:")) != EOF) data/montage-6.0+dfsg/Montage/mOverlaps.c:57:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mOverlaps.c:205:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((c = getopt(argc, argv, "ed:s:")) != EOF) data/montage-6.0+dfsg/Montage/mProjExec.c:91:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mProjExec.c:197:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "p:dqeb:s:r:W:x:Xf")) != EOF) data/montage-6.0+dfsg/Montage/mProject.c:77:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mProject.c:320:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "ez:d:i:o:s:h:w:W:t:x:Xf")) != EOF) data/montage-6.0+dfsg/Montage/mProjectCube.c:34:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mProjectCube.c:278:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((c = getopt(argc, argv, "z:d:i:o:s:h:w:t:x:Xf")) != EOF) data/montage-6.0+dfsg/Montage/mProjectPP.c:70:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mProjectPP.c:299:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "z:d:s:b:o:i:h:w:W:t:x:X")) != EOF) data/montage-6.0+dfsg/Montage/mPutHdr.c:30:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mPutHdr.c:129:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "d:fs:h:")) != EOF) data/montage-6.0+dfsg/Montage/mShrink.c:52:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mShrink.c:183:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((c = getopt(argc, argv, "d:h:s:f")) != EOF) data/montage-6.0+dfsg/Montage/mShrinkCube.c:29:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mShrinkCube.c:169:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "d:h:m:s:f")) != EOF) data/montage-6.0+dfsg/Montage/mSubset.c:66:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mSubset.c:204:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "fd:s:")) != EOF) data/montage-6.0+dfsg/Montage/mTANHdr.c:71:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mTANHdr.c:210:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((c = getopt(argc, argv, "dui:o:t:s:")) != EOF) data/montage-6.0+dfsg/Montage/mTileHdr.c:34:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mTileHdr.c:83:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "ds:")) != EOF) data/montage-6.0+dfsg/Montage/mTileImage.c:46:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/Montage/mTileImage.c:79:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while((c = getopt(argc, argv, "p:n:o:t:?")) != -1) { data/montage-6.0+dfsg/Montage/projTest.c:137:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "e:c:di:o:t:s:")) != EOF) data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:17:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:52:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "enp:s:d:a:")) != EOF) data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:17:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:52:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "enp:s:d:a:")) != EOF) data/montage-6.0+dfsg/MontageLib/ArchiveExec/mArchiveExec.c:14:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/ArchiveExec/mArchiveExec.c:53:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "d:p:r:t:")) != EOF) data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:18:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/ArchiveGet/mArchiveGet.c:15:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/ArchiveGet/mArchiveGet.c:47:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "dt:")) != EOF) data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:140:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. proxy = getenv("http_proxy"); data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:17:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:57:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "np:s:d")) != EOF) data/montage-6.0+dfsg/MontageLib/BgModel/mBgModel.c:15:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/BgModel/mBgModel.c:48:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "ai:r:s:ld:")) != EOF) data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:17:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:50:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "nd:s:z:")) != EOF) data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:17:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:56:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "np:ds:")) != EOF) data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:16:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:63:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "klnp:ds:")) != EOF) data/montage-6.0+dfsg/MontageLib/FitExec/mFitExec.c:16:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/FitExec/mFitExec.c:54:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "dls:")) != EOF) data/montage-6.0+dfsg/MontageLib/Fitplane/mFitplane.c:17:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/Fitplane/mFitplane.c:66:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "b:d:ls:")) != EOF) data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:14:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:72:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "bd:v:")) != EOF) data/montage-6.0+dfsg/MontageLib/GetHdr/mGetHdr.c:12:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/GetHdr/mGetHdr.c:46:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "ds:h:")) != EOF) data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:18:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt (int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:55:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "ds:c:e:h:p:r:t:")) != EOF) data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:126:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
proxy = getenv("http_proxy"); data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:16:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:65:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "rcCadibs:f:t:z")) != -1) data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:19:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:57:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "nd:e:s:P:p:")) != EOF) data/montage-6.0+dfsg/MontageLib/Overlaps/mOverlaps.c:17:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/MontageLib/Overlaps/mOverlaps.c:44:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
  while ((c = getopt(argc, argv, "ed:s:")) != EOF)
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:15:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:71:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "p:dqeb:s:r:W:x:Xf")) != EOF)
data/montage-6.0+dfsg/MontageLib/Project/mProject.c:15:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/Project/mProject.c:61:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "ez:d:s:b:h:w:W:t:x:Xf")) != EOF)
data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:15:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:59:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "z:d:s:h:w:t:x:Xf")) != EOF)
data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:15:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:66:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "z:d:s:b:h:w:W:t:x:Xefi:o:")) != EOF)
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:15:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:64:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "ab:d:Ls:h:w:W:t:x:Xf")) != EOF)
data/montage-6.0+dfsg/MontageLib/PutHdr/mPutHdr.c:14:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/PutHdr/mPutHdr.c:62:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "d:s:h:")) != EOF)
data/montage-6.0+dfsg/MontageLib/Shrink/mShrink.c:15:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/Shrink/mShrink.c:45:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "d:h:s:f")) != EOF)
data/montage-6.0+dfsg/MontageLib/ShrinkCube/mShrinkCube.c:15:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/ShrinkCube/mShrinkCube.c:46:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "d:h:m:s:f")) != EOF)
data/montage-6.0+dfsg/MontageLib/Subset/mSubset.c:18:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/Subset/mSubset.c:45:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "fd:s:")) != EOF)
data/montage-6.0+dfsg/MontageLib/TANHdr/mTANHdr.c:18:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/TANHdr/mTANHdr.c:84:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "dui:o:t:s:")) != EOF)
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:74:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:629:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if(getenv("MONTAGE_FONT_DIR") != (char *)NULL)
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:630:27: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  strcpy(fontfile, getenv("MONTAGE_FONT_DIR"));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:39:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:293:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "lkch:f:o:d:L:n:")) != EOF)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2265:54: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fprintf(fmsg, "mdasCollectionName = \"%s\"\n", getenv("mdasCollectionName"));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2266:54: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fprintf(fmsg, "mdasCollectionHome = \"%s\"\n", getenv("mdasCollectionHome"));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2267:54: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fprintf(fmsg, "mdasDomainName = \"%s\"\n", getenv("mdasDomainName"));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2268:54: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fprintf(fmsg, "srbUser = \"%s\"\n", getenv("srbUser"));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2269:54: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fprintf(fmsg, "srbHost = \"%s\"\n", getenv("srbHost"));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2270:54: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fprintf(fmsg, "srbPort = \"%s\"\n", getenv("srbPort"));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2271:54: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fprintf(fmsg, "mcatZone = \"%s\"\n", getenv("mcatZone"));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2272:54: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fprintf(fmsg, "defaultResource = \"%s\"\n", getenv("defaultResource"));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2273:54: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  fprintf(fmsg, "srbAuth = \"%s\"\n", getenv("srbAuth"));
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:30:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:107:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "ds:")) != EOF)
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:170:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  char *path = getenv("MONTAGE_HOME");
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:145:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  char *path = getenv("MONTAGE_HOME");
data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:39:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:170:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "ds:")) != EOF)
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:43:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  extern int getopt(int argc, char *const *argv, const char *options);
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:83:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  char *path = getenv("MONTAGE_HOME");
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:98:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "ndb:s:")) != EOF)
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:76:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  char *path = getenv("MONTAGE_HOME");
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:91:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "ndb:s:")) != EOF)
data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:120:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("ACT_PATH")) == NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:447:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("ACT_PATH")) == NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:590:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  str = getenv("ACT_PATH");
data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:882:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((cdpath = getenv("ACT_PATH")) == NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:940:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("PPM_PATH")) != NULL ) {
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:951:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("SAO_PATH")) != NULL ) {
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:962:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("SKY2K_PATH")) != NULL ) {
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:973:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("HIP_PATH")) != NULL ) {
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:984:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("IRAS_PATH")) != NULL ) {
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:994:27: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if (!binset && (str = getenv("WCS_BINDIR")) != NULL ) {
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1247:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("WCS_CATDIR")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:158:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSC_NORTH")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:159:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  str = getenv ("GSC_PATH");
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:164:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSCACT_NORTH")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:165:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  str = getenv ("GSCACT_PATH");
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:188:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSCACT_NORTH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:190:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSCACT_SOUTH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:194:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSC_NORTH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:196:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSC_SOUTH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:586:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSC_NORTH")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:587:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  str = getenv ("GSC_PATH");
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:595:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSCACT_NORTH")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:596:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  str = getenv ("GSCACT_PATH");
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:612:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSC_NORTH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:614:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSC_SOUTH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:840:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSCACT_NORTH")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:841:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  str = getenv ("GSCACT_PATH");
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:859:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSCACT_NORTH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:861:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSCACT_SOUTH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:865:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSC_NORTH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:867:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("GSC_SOUTH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:161:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv(tmcenv)) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:578:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv(tmcenv)) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:752:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv(tmcenv)) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:129:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("TY2_PATH")) == NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:496:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("TY2_PATH")) == NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:692:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("TY2_PATH")) != NULL )
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:902:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("TY2_PATH")) != NULL ) {
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:980:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("TY2_PATH")) != NULL ) {
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1194:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("TY2_PATH")) != NULL ) {
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:231:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("USA2_PATH")) != NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:237:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("USA1_PATH")) != NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:246:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("UA2_PATH")) != NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:248:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  else if ((str = getenv("UA2_ROOT")) != NULL) {
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:256:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  if ((str = getenv("UA1_PATH")) != NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:258:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
  else if ((str = getenv("UA1_ROOT")) != NULL) {
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:637:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them.
if ((str = getenv("USA2_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:643:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("USA1_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:652:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("UA2_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:654:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((str = getenv("UA2_ROOT")) != NULL) { data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:662:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("UA1_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:664:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
else if ((str = getenv("UA1_ROOT")) != NULL) { data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:846:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("USA2_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:852:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("USA1_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:861:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("UA2_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:863:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((str = getenv("UA2_ROOT")) != NULL) { data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:871:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((str = getenv("UA1_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:873:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((str = getenv("UA1_ROOT")) != NULL) { data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:172:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("UB1_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:178:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("YB6_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:645:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("UB1_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:651:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((str = getenv("YB6_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:827:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("UB1_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:833:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv("YB6_PATH")) != NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:264:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv (ucacenv)) != NULL ) data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:738:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv(ucacenv)) != NULL ) data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:951:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if ((str = getenv (ucacenv)) != NULL ) data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:207:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv (ucacenv)) != NULL ) data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:675:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv(ucacenv)) != NULL ) data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:869:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((str = getenv (ucacenv)) != NULL ) data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:133:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (refcat == UJC && (str = getenv("UJ_PATH")) != NULL ) { data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:415:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
if (refcat == UJC && (str = getenv("UJ_PATH")) != NULL ) { data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:559:33: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (refcat == UJC && (str = getenv("UJ_PATH")) != NULL ) data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2533:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. else if ((str = getenv (envar)) != NULL) data/montage-6.0+dfsg/lib/src/www/www.c:176:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. form = getenv("CONTENT_TYPE"); data/montage-6.0+dfsg/lib/src/www/www.c:181:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. method = getenv("REQUEST_METHOD"); data/montage-6.0+dfsg/lib/src/www/www.c:237:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. count = getenv("CONTENT_LENGTH"); data/montage-6.0+dfsg/lib/src/www/www.c:268:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. content = getenv("QUERY_STRING"); data/montage-6.0+dfsg/lib/src/www/www.c:1861:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("HTML_HEADER") != (char *)NULL) data/montage-6.0+dfsg/lib/src/www/www.c:1862:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. strcpy(myheader, getenv("HTML_HEADER")); data/montage-6.0+dfsg/lib/src/www/www.c:1937:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("HTML_FOOTER") != (char *)NULL) data/montage-6.0+dfsg/lib/src/www/www.c:1938:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. strcpy(myfooter, getenv("HTML_FOOTER")); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:14:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:72:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "d:r:t:uS")) != EOF) data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:33:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:86:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "dt:")) != EOF) data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:127:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. proxy = getenv("http_proxy"); data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:34:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:88:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((ch = getopt(argc, argv, "p:ds:")) != EOF) data/montage-6.0+dfsg/util/CatMap/mCatMap.c:50:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/CatMap/mCatMap.c:154:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "pm:d:w:c:")) != EOF) data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:162:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. proxy = getenv("http_proxy"); data/montage-6.0+dfsg/util/Exec/mExec.c:48:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/Exec/mExec.c:387:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "iI:lkcaxqh:f:o:d:D:e:r:s:n:m:L:O:M:P:")) != EOF) data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:42:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:134:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "bd:v:")) != EOF) data/montage-6.0+dfsg/util/Hdr/mHdr.c:28:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt (int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/Hdr/mHdr.c:87:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "s:e:h:p:r:t:")) != EOF) data/montage-6.0+dfsg/util/Hdr/mHdr.c:202:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. proxy = getenv("http_proxy"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:134:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt (int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:503:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((ch = getopt(argc, argv, "cd:D:Lmi:o:p:r:")) != EOF) data/montage-6.0+dfsg/util/MovingTarget/rtree/rect.c:78:11: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. width = drand48() * (1000 / 4) + 1; data/montage-6.0+dfsg/util/MovingTarget/rtree/rect.c:82:20: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. r->boundary[i] = drand48() * (1000-width); /* low side */ data/montage-6.0+dfsg/util/MovingTarget/rtree/rect.c:111:12: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. size = (drand48() * (data->boundary[j] - data/montage-6.0+dfsg/util/MovingTarget/rtree/rect.c:113:33: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. center = data->boundary[i] + drand48() * data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:35:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:84:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. 
while ((c = getopt(argc, argv, "dh:j")) != EOF) data/montage-6.0+dfsg/util/Search/mSearch.c:119:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt (int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/Search/mSearch.c:456:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "d:mi:o:p:r:")) != EOF) data/montage-6.0+dfsg/util/Search/rtree/rect.c:78:11: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. width = drand48() * (1000 / 4) + 1; data/montage-6.0+dfsg/util/Search/rtree/rect.c:82:20: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. r->boundary[i] = drand48() * (1000-width); /* low side */ data/montage-6.0+dfsg/util/Search/rtree/rect.c:111:12: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. size = (drand48() * (data->boundary[j] - data/montage-6.0+dfsg/util/Search/rtree/rect.c:113:33: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
center = data->boundary[i] + drand48() * data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:31:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:79:16: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((c = getopt(argc, argv, "ds:")) != EOF) data/montage-6.0+dfsg/util/TblExec/mTblExec.c:27:12: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. extern int getopt(int argc, char *const *argv, const char *options); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:103:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((ch = getopt(argc, argv, "dxo:")) != EOF) data/montage-6.0+dfsg/util/Viewer/mViewer.c:618:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if(getenv("MONTAGE_FONT_DIR") != (char *)NULL) data/montage-6.0+dfsg/util/Viewer/mViewer.c:619:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
strcpy(fontfile, getenv("MONTAGE_FONT_DIR")); data/montage-6.0+dfsg/Montage/checkHdr.c:74:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[1024]; data/montage-6.0+dfsg/Montage/checkHdr.c:75:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[1024]; data/montage-6.0+dfsg/Montage/checkHdr.c:128:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitskeyword[80]; data/montage-6.0+dfsg/Montage/checkHdr.c:129:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitsvalue [80]; data/montage-6.0+dfsg/Montage/checkHdr.c:130:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitscomment[80]; data/montage-6.0+dfsg/Montage/checkHdr.c:131:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstr [80]; data/montage-6.0+dfsg/Montage/checkHdr.c:135:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [1024]; data/montage-6.0+dfsg/Montage/checkHdr.c:136:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pline [1024]; data/montage-6.0+dfsg/Montage/checkHdr.c:188:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(hdrCheck_outfile, "w+"); data/montage-6.0+dfsg/Montage/checkHdr.c:272:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(infile, "r"); data/montage-6.0+dfsg/Montage/checkHdr.c:289:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(infile, "r"); data/montage-6.0+dfsg/Montage/checkHdr.c:510:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024]; data/montage-6.0+dfsg/Montage/checkHdr.c:810:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/filePath.c:27:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char base[2048]; data/montage-6.0+dfsg/Montage/get_files.c:54:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirname[MAXSTR], msg[MAXSTR]; data/montage-6.0+dfsg/Montage/get_files.c:55:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[MAXSTR], tmpname[MAXSTR], cmd[MAXSTR]; data/montage-6.0+dfsg/Montage/get_files.c:149:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(template, "/tmp/IMTXXXXXX"); data/montage-6.0+dfsg/Montage/get_hdr.c:51:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name [128]; data/montage-6.0+dfsg/Montage/get_hdr.c:52:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type [128]; data/montage-6.0+dfsg/Montage/get_hdr.c:53:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value [128]; data/montage-6.0+dfsg/Montage/get_hdr.c:54:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char defval[128]; data/montage-6.0+dfsg/Montage/get_hdr.c:76:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[1024], comment[1024], *ptr; data/montage-6.0+dfsg/Montage/get_hdr.c:433:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hdr_rec->ns = atoi(value); data/montage-6.0+dfsg/Montage/get_hdr.c:438:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hdr_rec->nl = atoi(value); data/montage-6.0+dfsg/Montage/get_hfiles.c:42:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirname[MAXSTR], msg[MAXSTR]; data/montage-6.0+dfsg/Montage/get_hhdr.c:37:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80000]; data/montage-6.0+dfsg/Montage/get_hhdr.c:38:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[132]; data/montage-6.0+dfsg/Montage/get_hhdr.c:57:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fptr = fopen(fname, "r"); data/montage-6.0+dfsg/Montage/hdr_rec.h:24:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[1024]; data/montage-6.0+dfsg/Montage/hdr_rec.h:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[10]; data/montage-6.0+dfsg/Montage/hdr_rec.h:28:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[10]; data/montage-6.0+dfsg/Montage/mAdd.c:203:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype[MAXSTR]; data/montage-6.0+dfsg/Montage/mAdd.c:207:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mAdd.c:208:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char output_area_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mAdd.c:319:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char argument [MAXSTR]; data/montage-6.0+dfsg/Montage/mAdd.c:320:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file[MAXSTR]; data/montage-6.0+dfsg/Montage/mAdd.c:321:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename [MAXSTR]; data/montage-6.0+dfsg/Montage/mAdd.c:322:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/Montage/mAdd.c:323:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr [MAXSTR]; data/montage-6.0+dfsg/Montage/mAdd.c:335:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mAdd.c:384:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/mAdd.c:500:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mAdd.c:566:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/Montage/mAdd.c:567:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_area_file, "_area.fits"); data/montage-6.0+dfsg/Montage/mAdd.c:706:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cntr[nfile] = atoi(tval(icntr)); data/montage-6.0+dfsg/Montage/mAdd.c:714:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis1[nfile] = atoi(tval(inaxis1)); data/montage-6.0+dfsg/Montage/mAdd.c:715:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis2[nfile] = atoi(tval(inaxis2)); data/montage-6.0+dfsg/Montage/mAdd.c:803:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[nfile], ".fits"); data/montage-6.0+dfsg/Montage/mAdd.c:805:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[nfile], "_area.fits"); data/montage-6.0+dfsg/Montage/mAdd.c:1414:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((output_fp = fopen (output_file, "r+")) == NULL) data/montage-6.0+dfsg/Montage/mAdd.c:1419:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((output_area_fp = fopen (output_area_file, "r+")) == NULL) data/montage-6.0+dfsg/Montage/mAdd.c:2028:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/Montage/mAdd.c:2029:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headerStr[HDRLEN]; data/montage-6.0+dfsg/Montage/mAdd.c:2036:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/Montage/mAdd.c:2140:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[0] = atoi(value); data/montage-6.0+dfsg/Montage/mAdd.c:2141:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[0] = atoi(value); data/montage-6.0+dfsg/Montage/mAdd.c:2146:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value); data/montage-6.0+dfsg/Montage/mAdd.c:2147:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[1] = atoi(value); data/montage-6.0+dfsg/Montage/mAdd.c:2184:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/mAddCube.c:93:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype[MAXSTR]; data/montage-6.0+dfsg/Montage/mAddCube.c:97:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char output_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddCube.c:98:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_area_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddCube.c:211:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char argument [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddCube.c:212:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file[MAXSTR]; data/montage-6.0+dfsg/Montage/mAddCube.c:213:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddCube.c:214:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddCube.c:215:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddCube.c:226:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddCube.c:266:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/mAddCube.c:366:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mAddCube.c:432:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/Montage/mAddCube.c:433:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_area_file, "_area.fits"); data/montage-6.0+dfsg/Montage/mAddCube.c:580:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr[nfile] = atoi(tval(icntr)); data/montage-6.0+dfsg/Montage/mAddCube.c:594:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis1[nfile] = atoi(tval(inaxis1)); data/montage-6.0+dfsg/Montage/mAddCube.c:595:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis2[nfile] = atoi(tval(inaxis2)); data/montage-6.0+dfsg/Montage/mAddCube.c:596:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis3[nfile] = atoi(tval(inaxis3)); data/montage-6.0+dfsg/Montage/mAddCube.c:597:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis4[nfile] = atoi(tval(inaxis4)); data/montage-6.0+dfsg/Montage/mAddCube.c:685:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[nfile], ".fits"); data/montage-6.0+dfsg/Montage/mAddCube.c:687:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[nfile], "_area.fits"); data/montage-6.0+dfsg/Montage/mAddCube.c:1838:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddCube.c:1839:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headerStr[HDRLEN]; data/montage-6.0+dfsg/Montage/mAddCube.c:1851:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/Montage/mAddCube.c:1955:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
output.naxes[0] = atoi(value); data/montage-6.0+dfsg/Montage/mAddCube.c:1956:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[0] = atoi(value); data/montage-6.0+dfsg/Montage/mAddCube.c:1961:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value); data/montage-6.0+dfsg/Montage/mAddCube.c:1962:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[1] = atoi(value); data/montage-6.0+dfsg/Montage/mAddCube.c:1967:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[2] = atoi(value); data/montage-6.0+dfsg/Montage/mAddCube.c:1968:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
output_area.naxes[2] = atoi(value); data/montage-6.0+dfsg/Montage/mAddCube.c:1981:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[3] = atoi(value); data/montage-6.0+dfsg/Montage/mAddCube.c:1982:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[3] = atoi(value); data/montage-6.0+dfsg/Montage/mAddCube.c:2025:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/mAddExec.c:92:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file[MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:93:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char output_dir [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:138:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char argument [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:139:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file[MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:140:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_body[MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:141:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_ext [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:142:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:144:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:146:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:147:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:148:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:149:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [32]; data/montage-6.0+dfsg/Montage/mAddExec.c:344:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mAddExec.c:434:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/Montage/mAddExec.c:673:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/Montage/mAddExec.c:674:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headerStr[HDRLEN]; data/montage-6.0+dfsg/Montage/mAddExec.c:681:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/Montage/mAddExec.c:775:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(strcmp(keyword, "NAXIS1") == 0) output.naxes[0] = atoi(value); data/montage-6.0+dfsg/Montage/mAddExec.c:777:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(strcmp(keyword, "NAXIS2") == 0) output.naxes[1] = atoi(value);
data/montage-6.0+dfsg/Montage/mAddExec.c:831:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MAXSTR];
data/montage-6.0+dfsg/Montage/mAddExec.c:832:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status[32];
data/montage-6.0+dfsg/Montage/mAddExec.c:833:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[MAXSTR];
data/montage-6.0+dfsg/Montage/mAddExec.c:835:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mAdd");
data/montage-6.0+dfsg/Montage/mAddExec.c:838:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(cmd," -p ");
data/montage-6.0+dfsg/Montage/mAddExec.c:841:20: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if (!haveAreas) strcat(cmd," -n");
data/montage-6.0+dfsg/Montage/mAddExec.c:842:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(cmd," -a ");
data/montage-6.0+dfsg/Montage/mAddExec.c:846:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(cmd,"mean");
data/montage-6.0+dfsg/Montage/mAddExec.c:849:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(cmd,"median");
data/montage-6.0+dfsg/Montage/mAddExec.c:852:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if (!shrink) strcat(cmd," -e");
data/montage-6.0+dfsg/Montage/mAddExec.c:856:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(cmd," -s ");
data/montage-6.0+dfsg/Montage/mAddExec.c:884:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fname, "_%d_%d.fits", i, j);
data/montage-6.0+dfsg/Montage/mBackground.c:49:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR];
data/montage-6.0+dfsg/Montage/mBackground.c:50:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR];
data/montage-6.0+dfsg/Montage/mBackground.c:51:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_area_file [MAXSTR];
data/montage-6.0+dfsg/Montage/mBackground.c:104:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR];
data/montage-6.0+dfsg/Montage/mBackground.c:105:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char corrfile[MAXSTR];
data/montage-6.0+dfsg/Montage/mBackground.c:106:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file [MAXSTR];
data/montage-6.0+dfsg/Montage/mBackground.c:107:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile [MAXSTR];
data/montage-6.0+dfsg/Montage/mBackground.c:108:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inarea [MAXSTR];
data/montage-6.0+dfsg/Montage/mBackground.c:109:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR];
data/montage-6.0+dfsg/Montage/mBackground.c:120:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8];
data/montage-6.0+dfsg/Montage/mBackground.c:155:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(argv[i+1], "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/Montage/mBackground.c:334:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr = atoi(tval(icntr));
data/montage-6.0+dfsg/Montage/mBackground.c:377:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atoi(tval(icntr));
data/montage-6.0+dfsg/Montage/mBackground.c:400:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile, ".fits");
data/montage-6.0+dfsg/Montage/mBackground.c:402:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea, "_area.fits");
data/montage-6.0+dfsg/Montage/mBackground.c:407:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile, ".fits");
data/montage-6.0+dfsg/Montage/mBackground.c:409:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea, "_area.fits");
data/montage-6.0+dfsg/Montage/mBackground.c:417:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_file, ".fits");
data/montage-6.0+dfsg/Montage/mBackground.c:418:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_area_file, "_area.fits");
data/montage-6.0+dfsg/Montage/mBackground.c:827:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR];
data/montage-6.0+dfsg/Montage/mBackground.c:896:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/Montage/mBgExec.c:62:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char file[MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:70:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char a[MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:71:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char b[MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:72:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char c[MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:101:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:102:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:103:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitfile [MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:104:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char corrdir [MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:105:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imgsort [MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:106:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char corrsort [MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:107:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template [MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:109:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:110:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXSTR];
data/montage-6.0+dfsg/Montage/mBgExec.c:111:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [32];
data/montage-6.0+dfsg/Montage/mBgExec.c:165:31: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/Montage/mBgExec.c:618:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr = atoi(tval(icntr));
data/montage-6.0+dfsg/Montage/mBgExec.c:643:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atoi(tval(iid));
data/montage-6.0+dfsg/Montage/mBgModel.c:190:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imgfile[MAXSTR];
data/montage-6.0+dfsg/Montage/mBgModel.c:191:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitfile[MAXSTR];
data/montage-6.0+dfsg/Montage/mBgModel.c:192:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char corrtbl[MAXSTR];
data/montage-6.0+dfsg/Montage/mBgModel.c:338:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/Montage/mBgModel.c:384:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(corrtbl, "w+");
data/montage-6.0+dfsg/Montage/mBgModel.c:462:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). imgs[nimages].cntr = atoi(tval(icntr));
data/montage-6.0+dfsg/Montage/mBgModel.c:463:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). imgs[nimages].naxis1 = atoi(tval(ins));
data/montage-6.0+dfsg/Montage/mBgModel.c:464:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). imgs[nimages].naxis2 = atoi(tval(inl));
data/montage-6.0+dfsg/Montage/mBgModel.c:588:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].plus = atoi(tval(iplus));
data/montage-6.0+dfsg/Montage/mBgModel.c:589:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].minus = atoi(tval(iminus));
data/montage-6.0+dfsg/Montage/mBgModel.c:595:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].xmin = atoi(tval(ixmin));
data/montage-6.0+dfsg/Montage/mBgModel.c:596:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].xmax = atoi(tval(ixmax));
data/montage-6.0+dfsg/Montage/mBgModel.c:597:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].ymin = atoi(tval(iymin));
data/montage-6.0+dfsg/Montage/mBgModel.c:598:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].ymax = atoi(tval(iymax));
data/montage-6.0+dfsg/Montage/mBgModel.c:651:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].plus = atoi(tval(iminus));
data/montage-6.0+dfsg/Montage/mBgModel.c:652:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].minus = atoi(tval(iplus));
data/montage-6.0+dfsg/Montage/mBgModel.c:656:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].xmin = atoi(tval(ixmin));
data/montage-6.0+dfsg/Montage/mBgModel.c:657:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].xmax = atoi(tval(ixmax));
data/montage-6.0+dfsg/Montage/mBgModel.c:658:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].ymin = atoi(tval(iymin));
data/montage-6.0+dfsg/Montage/mBgModel.c:659:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].ymax = atoi(tval(iymax));
data/montage-6.0+dfsg/Montage/mConvert.c:24:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR];
data/montage-6.0+dfsg/Montage/mConvert.c:25:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR];
data/montage-6.0+dfsg/Montage/mConvert.c:88:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8];
data/montage-6.0+dfsg/Montage/mConvert.c:130:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(argv[i+1], "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/Montage/mConvert.c:604:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR];
data/montage-6.0+dfsg/Montage/mConvert.c:656:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:137:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile [1024];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:138:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile [1024];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:139:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mode [1024];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:140:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname [1024];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:141:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[1024];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:142:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [1024];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:167:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proj[16];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:192:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[256];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:193:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[256];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:225:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpHeader[1600];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:226:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[80];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:228:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char field [512][MTBL_MAXSTR];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:230:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmt [64];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:231:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value [512][MTBL_MAXSTR];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:232:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstr [MTBL_MAXSTR];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:233:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:246:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(in.sys, "EQ");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:247:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(in.fmt, "DDR");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:248:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(in.epoch, "J2000");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:250:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out.sys, "EQ");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:251:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out.fmt, "SEXC");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:252:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out.epoch, "J2000");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:275:38: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(argc > i+1 && (fstatus = fopen(argv[i+1], "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:564:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:565:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:566:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:567:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", 1000 ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:568:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", 1000 ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:571:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %14.9f", center_ra ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:572:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %14.9f", center_dec ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:573:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %14.9f", 500.5 ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:574:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %14.9f", 500.5 ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:575:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %14.9f", box_xsize/1000.); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:576:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %14.9f", box_ysize/1000.); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:577:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = %14.9f", box_rotation ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:578:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", 2000 ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:579:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:936:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(outfile, "w+");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1119:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). equinox = atoi(tval(iequinox));
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1124:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nl = atoi(tval(inl));
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1125:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ns = atoi(tval(ins));
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1212:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "SIMPLE = T" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1213:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1214:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1215:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", ns ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1216:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", nl ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1219:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %14.9f", crval1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1220:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %14.9f", crval2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1221:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %14.9f", crpix1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1222:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %14.9f", crpix2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1223:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %14.9f", cdelt1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1224:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %14.9f", cdelt2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1225:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = %14.9f", crota2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1226:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", equinox); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1227:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "END" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1625:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). equinox = atoi(tval(iequinox)); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1630:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nl = atoi(tval(inl)); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1631:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ns = atoi(tval(ins)); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1729:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1730:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1731:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "NAXIS = 2" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1732:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", ns ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1733:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", nl ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1736:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %14.9f", crval1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1737:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %14.9f", crval2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1738:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %14.9f", crpix1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1739:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %14.9f", crpix2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1740:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %14.9f", cdelt1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1741:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %14.9f", cdelt2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1742:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = %14.9f", crota2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1743:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", equinox); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1744:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2159:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%d", naxis1); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2163:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%d", naxis2); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2167:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%.2f", crpix1); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2171:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%.2f", crpix2); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2175:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", new_center_ra); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2179:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", new_center_dec); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2191:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", crval1); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2195:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", crval2); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2199:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", point_ra[0]); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2203:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(tmpstr, "%f", point_dec[0]); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2207:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", point_ra[1]); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2211:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", point_dec[1]); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2215:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", point_ra[2]); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2219:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", point_dec[2]); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2223:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", point_ra[3]); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2227:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, "%f", point_dec[3]); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2236:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(fmt, "%%%ds", tbl_rec[ifield[ii]].colwd-1); data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2238:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmt, " %%%ds", tbl_rec[ifield[ii]].colwd-1); data/montage-6.0+dfsg/Montage/mDiff.c:51:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file1 [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiff.c:52:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file2 [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiff.c:53:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiff.c:54:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_area_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiff.c:124:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char template_file[MAXSTR]; data/montage-6.0+dfsg/Montage/mDiff.c:125:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiff.c:127:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile[2][MAXSTR]; data/montage-6.0+dfsg/Montage/mDiff.c:128:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inarea[2][MAXSTR]; data/montage-6.0+dfsg/Montage/mDiff.c:146:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/mDiff.c:185:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mDiff.c:222:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/Montage/mDiff.c:223:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_area_file, "_area.fits"); data/montage-6.0+dfsg/Montage/mDiff.c:248:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[0], ".fits"); data/montage-6.0+dfsg/Montage/mDiff.c:250:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[0], "_area.fits"); data/montage-6.0+dfsg/Montage/mDiff.c:255:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[0], ".fits"); data/montage-6.0+dfsg/Montage/mDiff.c:257:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[0], "_area.fits"); data/montage-6.0+dfsg/Montage/mDiff.c:269:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[1], ".fits"); data/montage-6.0+dfsg/Montage/mDiff.c:271:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[1], "_area.fits"); data/montage-6.0+dfsg/Montage/mDiff.c:276:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[1], ".fits"); data/montage-6.0+dfsg/Montage/mDiff.c:278:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[1], "_area.fits"); data/montage-6.0+dfsg/Montage/mDiff.c:1066:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/Montage/mDiff.c:1073:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/Montage/mDiff.c:1160:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[0] = atoi(value); data/montage-6.0+dfsg/Montage/mDiff.c:1161:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[0] = atoi(value); data/montage-6.0+dfsg/Montage/mDiff.c:1166:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value); data/montage-6.0+dfsg/Montage/mDiff.c:1167:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[1] = atoi(value); data/montage-6.0+dfsg/Montage/mDiff.c:1198:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR]; data/montage-6.0+dfsg/Montage/mDiff.c:1248:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/mDiffExec.c:73:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffExec.c:74:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname1 [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffExec.c:75:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname2 [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffExec.c:76:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffname[MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffExec.c:78:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tblfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffExec.c:79:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffdir [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffExec.c:80:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffExec.c:82:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffExec.c:83:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffExec.c:84:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [32]; data/montage-6.0+dfsg/Montage/mDiffExec.c:139:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mDiffExec.c:292:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/Montage/mDiffExec.c:293:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:63:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname1 [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:64:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname2 [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char diffname[MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rmname [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:70:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:71:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffdir [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:72:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:74:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:75:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXSTR]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:76:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [32]; data/montage-6.0+dfsg/Montage/mDiffFitExec.c:141:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mDiffFitExec.c:167:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fout = fopen(fitfile, "w+"); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:226:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:227:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:340:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xmin = atoi(svc_value("xmin")); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:341:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xmax = atoi(svc_value("xmax")); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:342:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
ymin = atoi(svc_value("ymin")); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:343:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ymax = atoi(svc_value("ymax")); data/montage-6.0+dfsg/Montage/mDiffFitExec.c:379:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(rmname, "_area.fits"); data/montage-6.0+dfsg/Montage/mFitExec.c:84:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname1 [MAXSTR]; data/montage-6.0+dfsg/Montage/mFitExec.c:85:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname2 [MAXSTR]; data/montage-6.0+dfsg/Montage/mFitExec.c:86:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffname[MAXSTR]; data/montage-6.0+dfsg/Montage/mFitExec.c:88:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mFitExec.c:89:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mFitExec.c:90:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffdir [MAXSTR]; data/montage-6.0+dfsg/Montage/mFitExec.c:92:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXSTR]; data/montage-6.0+dfsg/Montage/mFitExec.c:93:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXSTR]; data/montage-6.0+dfsg/Montage/mFitExec.c:94:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char status [32]; data/montage-6.0+dfsg/Montage/mFitExec.c:123:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orig_fitfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mFitExec.c:124:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp [MAXSTR]; data/montage-6.0+dfsg/Montage/mFitExec.c:166:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mFitExec.c:221:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(fitfile, "w+"); data/montage-6.0+dfsg/Montage/mFitExec.c:305:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/Montage/mFitExec.c:306:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/Montage/mFitExec.c:375:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xmin = atoi(svc_value("xmin")); data/montage-6.0+dfsg/Montage/mFitExec.c:376:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xmax = atoi(svc_value("xmax")); data/montage-6.0+dfsg/Montage/mFitExec.c:377:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ymin = atoi(svc_value("ymin")); data/montage-6.0+dfsg/Montage/mFitExec.c:378:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
ymax = atoi(svc_value("ymax")); data/montage-6.0+dfsg/Montage/mFitExec.c:416:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(orig_fitfile, "w+"); data/montage-6.0+dfsg/Montage/mFitExec.c:428:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(fitfile, "r+"); data/montage-6.0+dfsg/Montage/mFitplane.c:52:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file[MAXSTR]; data/montage-6.0+dfsg/Montage/mFitplane.c:133:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/mFitplane.c:189:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mFitplane.c:643:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/mFlattenExec.c:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname [MAXSTR]; data/montage-6.0+dfsg/Montage/mFlattenExec.c:71:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/Montage/mFlattenExec.c:72:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mFlattenExec.c:73:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flatdir [MAXSTR]; data/montage-6.0+dfsg/Montage/mFlattenExec.c:75:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cmd [MAXSTR]; data/montage-6.0+dfsg/Montage/mFlattenExec.c:76:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXSTR]; data/montage-6.0+dfsg/Montage/mFlattenExec.c:77:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [32]; data/montage-6.0+dfsg/Montage/mFlattenExec.c:133:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mFlattenExec.c:258:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xmin = atoi(svc_value("xmin")); data/montage-6.0+dfsg/Montage/mFlattenExec.c:259:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xmax = atoi(svc_value("xmax")); data/montage-6.0+dfsg/Montage/mFlattenExec.c:260:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ymin = atoi(svc_value("ymin")); data/montage-6.0+dfsg/Montage/mFlattenExec.c:261:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ymax = atoi(svc_value("ymax")); data/montage-6.0+dfsg/Montage/mGetHdr.c:54:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile [1024]; data/montage-6.0+dfsg/Montage/mGetHdr.c:55:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hdrfile [1024]; data/montage-6.0+dfsg/Montage/mGetHdr.c:56:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [1024]; data/montage-6.0+dfsg/Montage/mGetHdr.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char fileBase[1024]; data/montage-6.0+dfsg/Montage/mGetHdr.c:58:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword [1024]; data/montage-6.0+dfsg/Montage/mGetHdr.c:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[256]; data/montage-6.0+dfsg/Montage/mGetHdr.c:93:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mGetHdr.c:158:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(hdrfile, "w+"); data/montage-6.0+dfsg/Montage/mGetHdr.c:391:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/mHdrCheck.c:29:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char filename[1024]; data/montage-6.0+dfsg/Montage/mHdrCheck.c:49:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile[1024]; data/montage-6.0+dfsg/Montage/mHdrCheck.c:70:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hdu = atoi(optarg); data/montage-6.0+dfsg/Montage/mHdrCheck.c:78:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mHdrtbl.c:72:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname [256]; data/montage-6.0+dfsg/Montage/mHdrtbl.c:73:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tblname [256]; data/montage-6.0+dfsg/Montage/mHdrtbl.c:113:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mHdrtbl.c:199:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tblf = fopen(tblname, "w+"); data/montage-6.0+dfsg/Montage/mHdrtbl.c:223:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAXLEN], tmpname[128], template[128]; data/montage-6.0+dfsg/Montage/mHdrtbl.c:227:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(template, "/tmp/IMTXXXXXX"); data/montage-6.0+dfsg/Montage/mHdrtbl.c:230:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fdata = fopen(tblname, "r"); data/montage-6.0+dfsg/Montage/mHdrtbl.c:238:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftmp = fopen(tmpname, "w+"); data/montage-6.0+dfsg/Montage/mHdrtbl.c:265:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftmp = fopen(tmpname, "r"); data/montage-6.0+dfsg/Montage/mHdrtbl.c:273:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdata = fopen(tblname, "w+"); data/montage-6.0+dfsg/Montage/mHdrtbl.c:305:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "|\n"); data/montage-6.0+dfsg/Montage/mHdrtbl.c:307:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, " \n"); data/montage-6.0+dfsg/Montage/mHdrtbl.c:327:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char dirname [MAXLEN]; data/montage-6.0+dfsg/Montage/mHdrtbl.c:328:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXLEN]; data/montage-6.0+dfsg/Montage/mHdrtbl.c:329:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname [MAXLEN]; data/montage-6.0+dfsg/Montage/mImgtbl.c:67:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name [128]; data/montage-6.0+dfsg/Montage/mImgtbl.c:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type [128]; data/montage-6.0+dfsg/Montage/mImgtbl.c:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value [128]; data/montage-6.0+dfsg/Montage/mImgtbl.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char defval[128]; data/montage-6.0+dfsg/Montage/mImgtbl.c:80:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cname [9][32] = {"NAXIS", "NAXIS3", "CRVAL3", "CDELT3", "CRPIX3", "NAXIS4", "CRVAL4", "CDELT4", "CRPIX4"}; data/montage-6.0+dfsg/Montage/mImgtbl.c:81:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype [9][32] = {"int", "int", "double", "double", "double", "int", "double", "double", "double"}; data/montage-6.0+dfsg/Montage/mImgtbl.c:115:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname [256]; data/montage-6.0+dfsg/Montage/mImgtbl.c:116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblname [256]; data/montage-6.0+dfsg/Montage/mImgtbl.c:117:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char line [1024]; data/montage-6.0+dfsg/Montage/mImgtbl.c:195:28: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mImgtbl.c:204:28: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((ffields = fopen(optarg, "r")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mImgtbl.c:265:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fields[nfields].width = atoi(pwidth); data/montage-6.0+dfsg/Montage/mImgtbl.c:408:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tblf = fopen(tblname, "w+"); data/montage-6.0+dfsg/Montage/mImgtbl.c:433:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAXLEN], tmpname[128], template[128]; data/montage-6.0+dfsg/Montage/mImgtbl.c:437:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(template, "/tmp/IMTXXXXXX");
data/montage-6.0+dfsg/Montage/mImgtbl.c:440:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fdata = fopen(tblname, "r");
data/montage-6.0+dfsg/Montage/mImgtbl.c:448:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ftmp = fopen(tmpname, "w+");
data/montage-6.0+dfsg/Montage/mImgtbl.c:475:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ftmp = fopen(tmpname, "r");
data/montage-6.0+dfsg/Montage/mImgtbl.c:483:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fdata = fopen(tblname, "w+");
data/montage-6.0+dfsg/Montage/mImgtbl.c:515:10: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(str, "|\n");
data/montage-6.0+dfsg/Montage/mImgtbl.c:517:10: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(str, " \n");
data/montage-6.0+dfsg/Montage/mImgtbl.c:537:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname [MAXLEN], msg [MAXLEN];
data/montage-6.0+dfsg/Montage/mImgtbl.c:538:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpname [MAXLEN], cmd [MAXLEN];
data/montage-6.0+dfsg/Montage/mImgtbl.c:539:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template[MAXLEN], fname[MAXLEN];
data/montage-6.0+dfsg/Montage/mImgtbl.c:612:16: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(template, "/tmp/IMXXXXXX");
data/montage-6.0+dfsg/Montage/mImgtbl.c:614:16: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(tmpname, ".fits");
data/montage-6.0+dfsg/Montage/mMakeHdr.c:91:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[16];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:92:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype2[16];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:153:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tblfile [MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:154:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template [MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:155:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char epochStr [MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:156:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char csysStr [MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:157:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:183:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header[1600];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:184:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[80];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:254:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pad = atoi(optarg);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:269:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  maxPixel = atoi(optarg);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:289:27: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/Montage/mMakeHdr.c:349:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(template, "w+");
data/montage-6.0+dfsg/Montage/mMakeHdr.c:764:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  colNaxis = atoi(tval(inaxis));
data/montage-6.0+dfsg/Montage/mMakeHdr.c:790:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  colNaxis3 = atoi(tval(inaxis3));
data/montage-6.0+dfsg/Montage/mMakeHdr.c:807:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  colNaxis4 = atoi(tval(inaxis4));
data/montage-6.0+dfsg/Montage/mMakeHdr.c:974:31: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  input.naxis1 = atoi(tval(ins));
data/montage-6.0+dfsg/Montage/mMakeHdr.c:975:31: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  input.naxis2 = atoi(tval(inl));
data/montage-6.0+dfsg/Montage/mMakeHdr.c:986:32: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  input.equinox = atoi(tval(iequinox));
data/montage-6.0+dfsg/Montage/mMakeHdr.c:992:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "SIMPLE = T" ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:993:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "BITPIX = -64" ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:994:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS = 2" ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:995:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS1 = %d", input.naxis1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:996:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS2 = %d", input.naxis2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:999:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL1 = %14.9f", input.crval1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1000:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL2 = %14.9f", input.crval2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1001:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX1 = %14.9f", input.crpix1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1002:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX2 = %14.9f", input.crpix2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1003:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CDELT1 = %14.9f", input.cdelt1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1004:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CDELT2 = %14.9f", input.cdelt2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1005:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CROTA2 = %14.9f", input.crota2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1006:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "EQUINOX = %d", input.equinox); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1007:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "END" ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1256:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(msg, " Cube columns exist but are either blank or inconsistent; outputting 2D only.");
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1443:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(msg, "Cube columns exist but are either blank or inconsistent. Outputting 2D only.");
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1516:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1518:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header[80000];
data/montage-6.0+dfsg/Montage/mMakeHdr.c:1525:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(filename, "r");
data/montage-6.0+dfsg/Montage/mMakeImg.c:123:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template_file[MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeImg.c:124:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file [MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeImg.c:125:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char valstr [MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeImg.c:126:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char table_file [MAXSTR][MAXFILE];
data/montage-6.0+dfsg/Montage/mMakeImg.c:127:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char image_file [MAXSTR][MAXFILE];
data/montage-6.0+dfsg/Montage/mMakeImg.c:128:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colname [MAXSTR][MAXFILE];
data/montage-6.0+dfsg/Montage/mMakeImg.c:166:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char arrayfile[MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeImg.c:177:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/Montage/mMakeImg.c:246:24: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  debug = atoi(argv[index+1]);
data/montage-6.0+dfsg/Montage/mMakeImg.c:274:25: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  farray = fopen(arrayfile, "r");
data/montage-6.0+dfsg/Montage/mMakeImg.c:1446:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[MAXSTR];
data/montage-6.0+dfsg/Montage/mMakeImg.c:1448:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *header[2];
data/montage-6.0+dfsg/Montage/mMakeImg.c:1466:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(filename, "r");
data/montage-6.0+dfsg/Montage/mMakeImg.c:1652:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output.naxes[0] = atoi(value);
data/montage-6.0+dfsg/Montage/mMakeImg.c:1655:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output.naxes[1] = atoi(value);
data/montage-6.0+dfsg/Montage/mMakeImg.c:1669:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/Montage/mMakeImg.c:1686:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char valstr[MAXSTR];
data/montage-6.0+dfsg/Montage/mOverlaps.c:96:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[16];
data/montage-6.0+dfsg/Montage/mOverlaps.c:97:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype2[16];
data/montage-6.0+dfsg/Montage/mOverlaps.c:116:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[MAXSTR];
data/montage-6.0+dfsg/Montage/mOverlaps.c:153:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmt [MAXSTR];
data/montage-6.0+dfsg/Montage/mOverlaps.c:154:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tblfile[MAXSTR];
data/montage-6.0+dfsg/Montage/mOverlaps.c:155:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char difftbl[MAXSTR];
data/montage-6.0+dfsg/Montage/mOverlaps.c:159:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header[1600];
data/montage-6.0+dfsg/Montage/mOverlaps.c:160:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[80];
data/montage-6.0+dfsg/Montage/mOverlaps.c:218:27: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/Montage/mOverlaps.c:242:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(difftbl, "w+");
data/montage-6.0+dfsg/Montage/mOverlaps.c:405:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  input[nimages].cntr = atoi(tval(icntr));
data/montage-6.0+dfsg/Montage/mOverlaps.c:417:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  input[nimages].naxis1 = atoi(tval(ins));
data/montage-6.0+dfsg/Montage/mOverlaps.c:418:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  input[nimages].naxis2 = atoi(tval(inl));
data/montage-6.0+dfsg/Montage/mOverlaps.c:442:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "SIMPLE = T" ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:443:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "BITPIX = -64" ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:444:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS = 2" ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:445:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS1 = %d", input[nimages].naxis1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:446:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS2 = %d", input[nimages].naxis2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:449:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL1 = %11.6f", input[nimages].crval1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:450:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL2 = %11.6f", input[nimages].crval2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:451:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX1 = %11.6f", input[nimages].crpix1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:452:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX2 = %11.6f", input[nimages].crpix2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:456:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CDELT1 = %14.9f", input[nimages].cdelt1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:457:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CDELT2 = %14.9f", input[nimages].cdelt2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:458:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CROTA2 = %11.6f", input[nimages].crota2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:462:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CD1_1 = %11.6f", input[nimages].cd11 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:463:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CD1_2 = %11.6f", input[nimages].cd12 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:464:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CD2_1 = %11.6f", input[nimages].cd21 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:465:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CD2_2 = %11.6f", input[nimages].cd22 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:468:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL2 = %11.6f", input[nimages].crval2 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:469:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL1 = %11.6f", input[nimages].crval1 ); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:470:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "EQUINOX = %d", input[nimages].equinox); stradd(header, temp);
data/montage-6.0+dfsg/Montage/mOverlaps.c:471:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(temp, "END" ); stradd(header, temp);

data/montage-6.0+dfsg/Montage/mOverlaps.c:474:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    input[nimages].equinox = atoi(tval(iequinox));

data/montage-6.0+dfsg/Montage/mOverlaps.c:670:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fmt, "| cntr1 | cntr2 |%%%ds |%%%ds | diff |\n", namelen, namelen);

data/montage-6.0+dfsg/Montage/mOverlaps.c:673:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fmt, "| int | int |%%%ds |%%%ds | char |\n", namelen, namelen);

data/montage-6.0+dfsg/Montage/mOverlaps.c:746:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fmt, "%%8d%%8d %%%ds %%%ds diff.%%06d.%%06d.fits\n", namelen, namelen);

data/montage-6.0+dfsg/Montage/mProjExec.c:117:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char path [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:118:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tblfile [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:119:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char template [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:120:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char projdir [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:121:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char stats [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:122:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char fname [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:123:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char infile [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:124:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char outfile [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:125:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char border [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:126:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char scaleCol [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:127:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char weightCol[MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:128:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char scaleStr [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:129:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char weightStr[MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:130:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char wholeStr [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:131:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char hdustr [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:133:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char origstr [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:134:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char altinstr [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:135:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char altoutstr [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:137:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char cmd [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:138:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char msg [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:139:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char status [32];

data/montage-6.0+dfsg/Montage/mProjExec.c:156:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char orig_stats [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:157:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmp [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:273:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)

data/montage-6.0+dfsg/Montage/mProjExec.c:361:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(origstr, "orig_%d.hdr", MPI_rank);

data/montage-6.0+dfsg/Montage/mProjExec.c:362:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(altinstr, "altin_%d.hdr", MPI_rank);

data/montage-6.0+dfsg/Montage/mProjExec.c:363:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(altoutstr, "altout_%d.hdr", MPI_rank);

data/montage-6.0+dfsg/Montage/mProjExec.c:365:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(origstr, "orig.hdr");

data/montage-6.0+dfsg/Montage/mProjExec.c:366:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(altinstr, "altin.hdr");

data/montage-6.0+dfsg/Montage/mProjExec.c:367:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(altoutstr, "altout.hdr");

data/montage-6.0+dfsg/Montage/mProjExec.c:371:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen(stats, "a+");

data/montage-6.0+dfsg/Montage/mProjExec.c:373:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen(stats, "w+");

data/montage-6.0+dfsg/Montage/mProjExec.c:557:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    hdu = atoi(tval(ihdu));

data/montage-6.0+dfsg/Montage/mProjExec.c:586:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(hdustr, "hdu%d_", hdu);

data/montage-6.0+dfsg/Montage/mProjExec.c:722:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(hdustr, "-h %d", hdu);

data/montage-6.0+dfsg/Montage/mProjExec.c:825:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
    strcpy(wholeStr, " -X");

data/montage-6.0+dfsg/Montage/mProjExec.c:830:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(wholeStr, " -f");

data/montage-6.0+dfsg/Montage/mProjExec.c:837:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(hdustr, "-h %d", hdu);

data/montage-6.0+dfsg/Montage/mProjExec.c:848:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(weightStr, "-W %-g", weight);

data/montage-6.0+dfsg/Montage/mProjExec.c:1014:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen(orig_stats, "w+");

data/montage-6.0+dfsg/Montage/mProjExec.c:1026:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = fopen(stats, "r+");

data/montage-6.0+dfsg/Montage/mProjExec.c:1066:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[MAXSTR];

data/montage-6.0+dfsg/Montage/mProjExec.c:1067:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char header[80000];

data/montage-6.0+dfsg/Montage/mProjExec.c:1078:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fp = fopen(filename, "r");

data/montage-6.0+dfsg/Montage/mProjExec.c:1113:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    naxes = atoi(ptr + 10);

data/montage-6.0+dfsg/Montage/mProject.c:89:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char input_file [MAXSTR];

data/montage-6.0+dfsg/Montage/mProject.c:90:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char output_file [MAXSTR];

data/montage-6.0+dfsg/Montage/mProject.c:91:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char area_file [MAXSTR];

data/montage-6.0+dfsg/Montage/mProject.c:92:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char weight_file [MAXSTR];

data/montage-6.0+dfsg/Montage/mProject.c:254:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char template_file[MAXSTR];

data/montage-6.0+dfsg/Montage/mProject.c:276:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char c[8];

data/montage-6.0+dfsg/Montage/mProject.c:398:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)

data/montage-6.0+dfsg/Montage/mProject.c:462:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(output_file, ".fits");

data/montage-6.0+dfsg/Montage/mProject.c:463:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(area_file, "_area.fits");

data/montage-6.0+dfsg/Montage/mProject.c:1939:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[MAXSTR];

data/montage-6.0+dfsg/Montage/mProject.c:1941:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char header[80000];

data/montage-6.0+dfsg/Montage/mProject.c:1956:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fp = fopen(filename, "r");

data/montage-6.0+dfsg/Montage/mProject.c:2126:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[MAXSTR];

data/montage-6.0+dfsg/Montage/mProject.c:2168:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    output.naxes[0] = atoi(value) + 2 * offset;

data/montage-6.0+dfsg/Montage/mProject.c:2169:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    output_area.naxes[0] = atoi(value) + 2 * offset;

data/montage-6.0+dfsg/Montage/mProject.c:2171:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(linein, "NAXIS1 = %ld", output.naxes[0]);

data/montage-6.0+dfsg/Montage/mProject.c:2176:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    output.naxes[1] = atoi(value) + 2 * offset;

data/montage-6.0+dfsg/Montage/mProject.c:2177:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    output_area.naxes[1] = atoi(value) + 2 * offset;

data/montage-6.0+dfsg/Montage/mProject.c:2179:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(linein, "NAXIS2 = %ld", output.naxes[1]);

data/montage-6.0+dfsg/Montage/mProject.c:2186:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(linein, "CRPIX1 = %11.6f", crpix1);

data/montage-6.0+dfsg/Montage/mProject.c:2193:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
Risk is low because the source has a constant maximum length.
    sprintf(linein, "CRPIX2 = %11.6f", crpix2);

data/montage-6.0+dfsg/Montage/mProject.c:2213:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char errstr[MAXSTR];

data/montage-6.0+dfsg/Montage/mProject.c:2398:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char status_str[FLEN_STATUS];

data/montage-6.0+dfsg/Montage/mProjectCube.c:46:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char input_file [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjectCube.c:47:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char output_file [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjectCube.c:48:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char area_file [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjectCube.c:49:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char weight_file [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjectCube.c:214:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char template_file[MAXSTR];

data/montage-6.0+dfsg/Montage/mProjectCube.c:234:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char c[8];

data/montage-6.0+dfsg/Montage/mProjectCube.c:342:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)

data/montage-6.0+dfsg/Montage/mProjectCube.c:406:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(output_file, ".fits");

data/montage-6.0+dfsg/Montage/mProjectCube.c:407:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
    strcat(area_file, "_area.fits");

data/montage-6.0+dfsg/Montage/mProjectCube.c:2049:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[MAXSTR];

data/montage-6.0+dfsg/Montage/mProjectCube.c:2051:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char header[80000];

data/montage-6.0+dfsg/Montage/mProjectCube.c:2066:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fp = fopen(filename, "r");

data/montage-6.0+dfsg/Montage/mProjectCube.c:2236:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[MAXSTR];

data/montage-6.0+dfsg/Montage/mProjectCube.c:2278:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    output.naxes[0] = atoi(value) + 2 * offset;

data/montage-6.0+dfsg/Montage/mProjectCube.c:2279:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    output_area.naxes[0] = atoi(value) + 2 * offset;

data/montage-6.0+dfsg/Montage/mProjectCube.c:2281:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(linein, "NAXIS1 = %ld", output.naxes[0]);

data/montage-6.0+dfsg/Montage/mProjectCube.c:2286:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    output.naxes[1] = atoi(value) + 2 * offset;

data/montage-6.0+dfsg/Montage/mProjectCube.c:2287:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
    output_area.naxes[1] = atoi(value) + 2 * offset;

data/montage-6.0+dfsg/Montage/mProjectCube.c:2289:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(linein, "NAXIS2 = %ld", output.naxes[1]);

data/montage-6.0+dfsg/Montage/mProjectCube.c:2296:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
Risk is low because the source has a constant maximum length.
    sprintf(linein, "CRPIX1 = %11.6f", crpix1);

data/montage-6.0+dfsg/Montage/mProjectCube.c:2303:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(linein, "CRPIX2 = %11.6f", crpix2);

data/montage-6.0+dfsg/Montage/mProjectCube.c:2323:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char errstr[MAXSTR];

data/montage-6.0+dfsg/Montage/mProjectCube.c:2529:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char status_str[FLEN_STATUS];

data/montage-6.0+dfsg/Montage/mProjectPP.c:81:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char input_file [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjectPP.c:82:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char output_file [MAXSTR];

data/montage-6.0+dfsg/Montage/mProjectPP.c:83:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char area_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mProjectPP.c:84:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char weight_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mProjectPP.c:85:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char altout [MAXSTR]; data/montage-6.0+dfsg/Montage/mProjectPP.c:86:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char altin [MAXSTR]; data/montage-6.0+dfsg/Montage/mProjectPP.c:89:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_header [HDRLEN]; data/montage-6.0+dfsg/Montage/mProjectPP.c:90:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char alt_input_header [HDRLEN]; data/montage-6.0+dfsg/Montage/mProjectPP.c:91:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char alt_output_header[HDRLEN]; data/montage-6.0+dfsg/Montage/mProjectPP.c:240:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file[MAXSTR]; data/montage-6.0+dfsg/Montage/mProjectPP.c:241:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXSTR]; data/montage-6.0+dfsg/Montage/mProjectPP.c:262:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/mProjectPP.c:320:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mProjectPP.c:464:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/Montage/mProjectPP.c:465:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(area_file, "_area.fits"); data/montage-6.0+dfsg/Montage/mProjectPP.c:1630:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/Montage/mProjectPP.c:1633:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headerStr[HDRLEN]; data/montage-6.0+dfsg/Montage/mProjectPP.c:1649:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/Montage/mProjectPP.c:1894:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/Montage/mProjectPP.c:1939:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[0] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/Montage/mProjectPP.c:1940:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[0] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/Montage/mProjectPP.c:1942:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(linein, "NAXIS1 = %ld", output.naxes[0]); data/montage-6.0+dfsg/Montage/mProjectPP.c:1947:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/Montage/mProjectPP.c:1948:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[1] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/Montage/mProjectPP.c:1950:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(linein, "NAXIS2 = %ld", output.naxes[1]); data/montage-6.0+dfsg/Montage/mProjectPP.c:1957:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(linein, "CRPIX1 = %11.6f", crpix1); data/montage-6.0+dfsg/Montage/mProjectPP.c:1964:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(linein, "CRPIX2 = %11.6f", crpix2); data/montage-6.0+dfsg/Montage/mProjectPP.c:1983:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR]; data/montage-6.0+dfsg/Montage/mProjectPP.c:2151:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/mProjectPP.c:2247:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[8192]; data/montage-6.0+dfsg/Montage/mProjectPP.c:2284:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
polygon[nborder].x = atoi(ptr); data/montage-6.0+dfsg/Montage/mProjectPP.c:2304:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). polygon[nborder].y = atoi(ptr); data/montage-6.0+dfsg/Montage/mPutHdr.c:38:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mPutHdr.c:39:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mPutHdr.c:92:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file[MAXSTR]; data/montage-6.0+dfsg/Montage/mPutHdr.c:93:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/Montage/mPutHdr.c:107:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/mPutHdr.c:142:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mPutHdr.c:191:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftemp = fopen(template_file, "r"); data/montage-6.0+dfsg/Montage/mPutHdr.c:204:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tnaxis = atoi(line+10); data/montage-6.0+dfsg/Montage/mPutHdr.c:207:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tnaxis1 = atoi(line+10); data/montage-6.0+dfsg/Montage/mPutHdr.c:210:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
tnaxis2 = atoi(line+10); data/montage-6.0+dfsg/Montage/mPutHdr.c:213:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tnaxis3 = atoi(line+10); data/montage-6.0+dfsg/Montage/mPutHdr.c:216:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tnaxis4 = atoi(line+10); data/montage-6.0+dfsg/Montage/mPutHdr.c:468:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR]; data/montage-6.0+dfsg/Montage/mPutHdr.c:545:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/mShrink.c:77:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mShrink.c:78:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file[MAXSTR]; data/montage-6.0+dfsg/Montage/mShrink.c:91:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[16]; data/montage-6.0+dfsg/Montage/mShrink.c:92:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[16]; data/montage-6.0+dfsg/Montage/mShrink.c:110:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bunit[80]; data/montage-6.0+dfsg/Montage/mShrink.c:156:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/mShrink.c:203:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mShrink.c:1142:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[32], ctype2[32]; data/montage-6.0+dfsg/Montage/mShrink.c:1162:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bunit[80]; data/montage-6.0+dfsg/Montage/mShrink.c:1164:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [1024]; data/montage-6.0+dfsg/Montage/mShrink.c:1410:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:55:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:56:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file[MAXSTR]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:70:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[16]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:71:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[16]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:89:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bunit[80]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:127:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statfile[MAXSTR]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:139:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char c[8]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:224:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(statfile, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mShrinkCube.c:1229:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[32], ctype2[32]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:1249:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bunit[80]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:1251:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [1024]; data/montage-6.0+dfsg/Montage/mShrinkCube.c:1514:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/mSubCube.c:54:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile [STRLEN]; data/montage-6.0+dfsg/Montage/mSubCube.c:55:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile [STRLEN]; data/montage-6.0+dfsg/Montage/mSubCube.c:56:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char appname [STRLEN]; data/montage-6.0+dfsg/Montage/mSubCube.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statfile[STRLEN]; data/montage-6.0+dfsg/Montage/mSubCube.c:83:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *header[2]; data/montage-6.0+dfsg/Montage/mSubCube.c:512:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if((fstatus = fopen(statfile, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mSubimage.c:94:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile [1024]; data/montage-6.0+dfsg/Montage/mSubimage.c:95:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile[1024]; data/montage-6.0+dfsg/Montage/mSubimage.c:96:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char appname[1024]; data/montage-6.0+dfsg/Montage/mSubimage.c:121:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *header[2]; data/montage-6.0+dfsg/Montage/mSubimage.c:198:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(argv[i+1], "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mSubset.c:84:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[16]; data/montage-6.0+dfsg/Montage/mSubset.c:85:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[16]; data/montage-6.0+dfsg/Montage/mSubset.c:153:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/Montage/mSubset.c:154:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[MAXSTR]; data/montage-6.0+dfsg/Montage/mSubset.c:155:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subtbl [MAXSTR]; data/montage-6.0+dfsg/Montage/mSubset.c:156:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header [1600]; data/montage-6.0+dfsg/Montage/mSubset.c:157:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp [80]; data/montage-6.0+dfsg/Montage/mSubset.c:217:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mSubset.c:244:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(subtbl, "w+"); data/montage-6.0+dfsg/Montage/mSubset.c:539:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). input.naxis1 = atoi(tval(ins)); data/montage-6.0+dfsg/Montage/mSubset.c:540:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). input.naxis2 = atoi(tval(inl)); data/montage-6.0+dfsg/Montage/mSubset.c:563:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:564:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:565:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:566:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", input.naxis1 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:567:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", input.naxis2 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:570:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %11.6f", input.crval1 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:571:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %11.6f", input.crval2 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:572:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %11.6f", input.crpix1 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:573:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %11.6f", input.crpix2 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:577:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %14.9f", input.cdelt1 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:578:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %14.9f", input.cdelt2 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:579:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = %11.6f", input.crota2 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:583:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CD1_1 = %11.6f", input.cd11 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:584:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CD1_2 = %11.6f", input.cd12 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:585:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CD2_1 = %11.6f", input.cd21 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:586:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CD2_2 = %11.6f", input.cd22 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:589:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", input.equinox); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:590:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/mSubset.c:605:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). input.equinox = atoi(tval(iequinox)); data/montage-6.0+dfsg/Montage/mSubset.c:988:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/Montage/mSubset.c:990:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char header[32768]; data/montage-6.0+dfsg/Montage/mSubset.c:1006:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/Montage/mSubset.c:1171:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[0] = atoi(value); data/montage-6.0+dfsg/Montage/mSubset.c:1174:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value); data/montage-6.0+dfsg/Montage/mTANHdr.c:98:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cdelt1 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:99:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cdelt2 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:100:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char crota2 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:101:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cd11 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:102:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cd12 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:103:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cd21 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:104:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cd22 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:105:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pc11 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:106:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pc12 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:107:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pc21 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:108:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pc22 [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:109:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char epoch [80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:110:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char equinox[80]; data/montage-6.0+dfsg/Montage/mTANHdr.c:159:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char origtmpl[MAXSTR]; data/montage-6.0+dfsg/Montage/mTANHdr.c:160:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newtmpl [MAXSTR]; data/montage-6.0+dfsg/Montage/mTANHdr.c:265:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mTANHdr.c:295:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(newtmpl, "w+"); data/montage-6.0+dfsg/Montage/mTANHdr.c:388:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cdelt1, "%15.10f", wcs->cdelt[0]); data/montage-6.0+dfsg/Montage/mTANHdr.c:391:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cdelt2, "%15.10f", wcs->cdelt[1]); data/montage-6.0+dfsg/Montage/mTANHdr.c:394:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(crota2, "%15.10f", wcs->rot); data/montage-6.0+dfsg/Montage/mTANHdr.c:1238:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char line[MAXSTR]; data/montage-6.0+dfsg/Montage/mTANHdr.c:1240:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(template, "r"); data/montage-6.0+dfsg/Montage/mTANHdr.c:1418:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/Montage/mTANHdr.c:1419:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80000]; data/montage-6.0+dfsg/Montage/mTANHdr.c:1425:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(template, "r"); data/montage-6.0+dfsg/Montage/mTANHdr.c:1534:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header [32768]; data/montage-6.0+dfsg/Montage/mTANHdr.c:1535:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char temp [MAXSTR]; data/montage-6.0+dfsg/Montage/mTANHdr.c:1562:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1566:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1570:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1574:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", naxis1 ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1578:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", naxis2 ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1584:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CTYPE1 = 'RA---TAN-SIP'"); data/montage-6.0+dfsg/Montage/mTANHdr.c:1588:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CTYPE2 = 'DEC--TAN-SIP'"); data/montage-6.0+dfsg/Montage/mTANHdr.c:1603:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %15.10f", xpos ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1607:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %15.10f", ypos ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1611:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %15.10f", x ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1615:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %15.10f", y ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1621:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %.10f", pcdelt1 ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1628:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %.10f", pcdelt2 ); data/montage-6.0+dfsg/Montage/mTANHdr.c:1711:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "A_ORDER = %d", order-1); data/montage-6.0+dfsg/Montage/mTANHdr.c:1722:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "A_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/mTANHdr.c:1731:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "B_ORDER = %d", order-1); data/montage-6.0+dfsg/Montage/mTANHdr.c:1742:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "B_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/mTANHdr.c:1752:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "AP_ORDER= %d", order-1); data/montage-6.0+dfsg/Montage/mTANHdr.c:1763:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "AP_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/mTANHdr.c:1772:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BP_ORDER= %d", order-1); data/montage-6.0+dfsg/Montage/mTANHdr.c:1783:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BP_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/mTANHdr.c:1792:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "END"); stradd(header, temp); data/montage-6.0+dfsg/Montage/mTANHdr.c:1862:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[81]; data/montage-6.0+dfsg/Montage/mTblSort.c:42:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblname[1024]; data/montage-6.0+dfsg/Montage/mTblSort.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outname[1024]; data/montage-6.0+dfsg/Montage/mTblSort.c:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colname[1024]; data/montage-6.0+dfsg/Montage/mTblSort.c:46:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/Montage/mTblSort.c:117:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). fin = fopen(tblname, "r"); data/montage-6.0+dfsg/Montage/mTblSort.c:126:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(outname, "w+"); data/montage-6.0+dfsg/Montage/mTileHdr.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char origtmpl[MAXSTR]; data/montage-6.0+dfsg/Montage/mTileHdr.c:68:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newtmpl [MAXSTR]; data/montage-6.0+dfsg/Montage/mTileHdr.c:92:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/mTileHdr.c:118:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nx = atoi(argv[optind+2]); data/montage-6.0+dfsg/Montage/mTileHdr.c:119:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ny = atoi(argv[optind+3]); data/montage-6.0+dfsg/Montage/mTileHdr.c:120:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ix = atoi(argv[optind+4]); data/montage-6.0+dfsg/Montage/mTileHdr.c:121:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). iy = atoi(argv[optind+5]); data/montage-6.0+dfsg/Montage/mTileHdr.c:133:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xpad = atoi(argv[optind+6]); data/montage-6.0+dfsg/Montage/mTileHdr.c:137:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
ypad = atoi(argv[optind+7]); data/montage-6.0+dfsg/Montage/mTileHdr.c:141:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(newtmpl, "w+"); data/montage-6.0+dfsg/Montage/mTileHdr.c:257:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/Montage/mTileHdr.c:258:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80000]; data/montage-6.0+dfsg/Montage/mTileHdr.c:260:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(template, "r"); data/montage-6.0+dfsg/Montage/mTileHdr.c:346:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/Montage/mTileHdr.c:348:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen(template, "r"); data/montage-6.0+dfsg/Montage/mTileHdr.c:394:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[81]; data/montage-6.0+dfsg/Montage/mTileImage.c:67:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *header[2]; data/montage-6.0+dfsg/Montage/mTileImage.c:220:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oname[2048]; data/montage-6.0+dfsg/Montage/mTileImage.c:252:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *ptr = atoi(str); data/montage-6.0+dfsg/Montage/print_hrec.c:31:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(in.sys, "EQ"); data/montage-6.0+dfsg/Montage/print_hrec.c:32:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(in.fmt, "DDR"); data/montage-6.0+dfsg/Montage/print_hrec.c:33:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(in.epoch, "J2000"); data/montage-6.0+dfsg/Montage/print_hrec.c:35:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out.sys, "EQ"); data/montage-6.0+dfsg/Montage/print_hrec.c:36:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out.fmt, "SEXC"); data/montage-6.0+dfsg/Montage/print_hrec.c:37:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out.epoch, "J2000"); data/montage-6.0+dfsg/Montage/print_rec.c:41:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name [128]; data/montage-6.0+dfsg/Montage/print_rec.c:42:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char type [128]; data/montage-6.0+dfsg/Montage/print_rec.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value [128]; data/montage-6.0+dfsg/Montage/print_rec.c:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char defval[128]; data/montage-6.0+dfsg/Montage/print_rec.c:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmt[32]; data/montage-6.0+dfsg/Montage/print_rec.c:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpname[256]; data/montage-6.0+dfsg/Montage/print_rec.c:65:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(in.sys, "EQ"); data/montage-6.0+dfsg/Montage/print_rec.c:66:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(in.fmt, "DDR"); data/montage-6.0+dfsg/Montage/print_rec.c:67:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(in.epoch, "J2000"); data/montage-6.0+dfsg/Montage/print_rec.c:69:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out.sys, "EQ"); data/montage-6.0+dfsg/Montage/print_rec.c:70:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out.fmt, "SEXC"); data/montage-6.0+dfsg/Montage/print_rec.c:71:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out.epoch, "J2000"); data/montage-6.0+dfsg/Montage/print_rec.c:84:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmt, "%%%ds|", fields[i].width); data/montage-6.0+dfsg/Montage/print_rec.c:100:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmt, "%%%ds|", fields[i].width); data/montage-6.0+dfsg/Montage/print_rec.c:116:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(fmt, "%%%ds|", fields[i].width); data/montage-6.0+dfsg/Montage/print_rec.c:131:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmt, "%%%ds|", fields[i].width); data/montage-6.0+dfsg/Montage/print_rec.c:164:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmt, " %%%ds", fields[i].width); data/montage-6.0+dfsg/Montage/projTest.c:54:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[5], ctype2[5]; data/montage-6.0+dfsg/Montage/projTest.c:92:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char origtmpl[MAXSTR]; data/montage-6.0+dfsg/Montage/projTest.c:93:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newtmpl [MAXSTR]; data/montage-6.0+dfsg/Montage/projTest.c:94:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char csys [MAXSTR]; data/montage-6.0+dfsg/Montage/projTest.c:164:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ctype1, "RA--"); data/montage-6.0+dfsg/Montage/projTest.c:165:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ctype2, "DEC-"); data/montage-6.0+dfsg/Montage/projTest.c:173:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ctype1, "ELON"); data/montage-6.0+dfsg/Montage/projTest.c:174:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ctype2, "ELAT"); data/montage-6.0+dfsg/Montage/projTest.c:182:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ctype1, "GLON"); data/montage-6.0+dfsg/Montage/projTest.c:183:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(ctype2, "GLAT"); data/montage-6.0+dfsg/Montage/projTest.c:242:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/Montage/projTest.c:270:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(newtmpl, "w+"); data/montage-6.0+dfsg/Montage/projTest.c:435:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/Montage/projTest.c:436:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80000]; data/montage-6.0+dfsg/Montage/projTest.c:438:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(template, "r"); data/montage-6.0+dfsg/Montage/projTest.c:527:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header [32768]; data/montage-6.0+dfsg/Montage/projTest.c:528:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp [MAXSTR]; data/montage-6.0+dfsg/Montage/projTest.c:552:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:553:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:554:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:555:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", naxis1 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:556:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", naxis2 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:560:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CTYPE1 = 'RA---TAN-SIP'"); data/montage-6.0+dfsg/Montage/projTest.c:562:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CTYPE2 = 'DEC--TAN-SIP'"); data/montage-6.0+dfsg/Montage/projTest.c:573:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %15.10f", xpos ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:574:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %15.10f", ypos ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:575:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %15.10f", x ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:576:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %15.10f", y ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:577:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %15.10f", wcs->cdelt[0]); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:578:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %15.10f", wcs->cdelt[1]); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:581:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. {sprintf(temp, "CROTA2 = %15.10f", 0. ); stradd(header, temp);} data/montage-6.0+dfsg/Montage/projTest.c:583:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. {sprintf(temp, "CROTA2 = %15.10f", wcs->rot ); stradd(header, temp);} data/montage-6.0+dfsg/Montage/projTest.c:585:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %7.2f", wcs->equinox ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:587:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "A_ORDER = %d", order-1); data/montage-6.0+dfsg/Montage/projTest.c:596:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "A_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/projTest.c:603:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "B_ORDER = %d", order-1); data/montage-6.0+dfsg/Montage/projTest.c:612:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "B_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/projTest.c:620:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "AP_ORDER= %d", order-1); data/montage-6.0+dfsg/Montage/projTest.c:629:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "AP_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/projTest.c:636:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BP_ORDER= %d", order-1); data/montage-6.0+dfsg/Montage/projTest.c:645:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BP_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/projTest.c:652:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END"); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:701:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header [32768]; data/montage-6.0+dfsg/Montage/projTest.c:702:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char temp [MAXSTR]; data/montage-6.0+dfsg/Montage/projTest.c:734:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:735:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:736:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:737:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", naxis1 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:738:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", naxis2 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:757:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CTYPE1 = 'RA---TAN-SIP'" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:758:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CTYPE2 = 'DEC--TAN-SIP'" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:794:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %15.10f", xout ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:795:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %15.10f", yout ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:803:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %15.10f", xpos); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:804:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %15.10f", ypos); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:813:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %15.10f", x ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:814:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %15.10f", y ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:815:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CDELT1 = %15.10f", wcs->cdelt[0] ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:816:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %15.10f", wcs->cdelt[1] ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:827:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. {sprintf(temp, "CROTA2 = %15.10f", rotation ); stradd(header, temp);} data/montage-6.0+dfsg/Montage/projTest.c:829:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. {sprintf(temp, "CROTA2 = %15.10f", wcs->rot+rotation); stradd(header, temp);} data/montage-6.0+dfsg/Montage/projTest.c:831:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %7.2f", wcs->equinox ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:836:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "A_ORDER = %d", order-1); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:848:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "A_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/projTest.c:858:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "B_ORDER = %d", order-1); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:870:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "B_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/projTest.c:880:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "AP_ORDER= %d", order-1); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:892:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "AP_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/projTest.c:902:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BP_ORDER= %d", order-1); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:914:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BP_%d_%d = %10.3e", data/montage-6.0+dfsg/Montage/projTest.c:924:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:979:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char header [32768]; data/montage-6.0+dfsg/Montage/projTest.c:980:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp [MAXSTR]; data/montage-6.0+dfsg/Montage/projTest.c:1090:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1091:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1092:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1093:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", naxis1 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1094:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", naxis2 ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1097:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CRVAL1 = %15.10f", Xcen ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1098:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %15.10f", Ycen ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1099:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %15.10f", x ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1100:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %15.10f", y ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1101:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %15.10f", wcs->cdelt[0]); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1102:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %15.10f", wcs->cdelt[1]); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1103:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = 0.00000" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1104:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "EQUINOX = %7.2f", wcs->equinox ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1105:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); stradd(header, temp); data/montage-6.0+dfsg/Montage/projTest.c:1171:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[81]; data/montage-6.0+dfsg/Montage/subCube.c:29:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char content[128]; data/montage-6.0+dfsg/Montage/subCube.c:299:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/subCube.c:478:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(content, "blank"); data/montage-6.0+dfsg/Montage/subCube.c:480:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(content, "flat"); data/montage-6.0+dfsg/Montage/subCube.c:483:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(content, "normal"); data/montage-6.0+dfsg/Montage/subCube.c:504:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/subCube.c:595:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[STRLEN]; data/montage-6.0+dfsg/Montage/subCube.c:719:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/Montage/subCube.h:20:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dConstraint[2][1024]; /* constrains for third dimension */ data/montage-6.0+dfsg/Montage/subImage.c:35:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char content[128]; data/montage-6.0+dfsg/Montage/subImage.c:193:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/subImage.c:262:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(content, "blank"); data/montage-6.0+dfsg/Montage/subImage.c:264:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(content, "flat"); data/montage-6.0+dfsg/Montage/subImage.c:267:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(content, "normal"); data/montage-6.0+dfsg/Montage/subImage.c:287:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/Montage/subImage.c:357:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:34:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:35:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imgfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:37:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char argument[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:129:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:135:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ctype[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:139:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char output_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:140:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char output_area_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:212:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:283:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:284:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:285:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:340:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:409:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:410:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_area_file, "_area.fits"); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:496:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Need columns: cntr,fname, crpix1, crpix2, cdelt1, cdelt2, naxis1, naxis2, crval1, crval2 ctype1, ctype2 in image list"); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:552:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr[nfile] = atoi(tval(icntr)); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:560:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis1[nfile] = atoi(tval(inaxis1)); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:561:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis2[nfile] = atoi(tval(inaxis2)); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:649:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[nfile], ".fits"); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:651:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[nfile], "_area.fits"); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1519:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Too many open files"); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1548:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Too many open files"); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1587:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Input wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1960:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "time=%.0f", (double)(currtime - start)); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1961:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->json, "{\"time\":%.1f}", (double)(currtime - start)); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1980:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1981:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headerStr[HDRLEN]; data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1988:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2031:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Bad WCS in header template."); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2095:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[0] = atoi(value); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2096:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[0] = atoi(value); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2101:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2102:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[1] = atoi(value); data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2139:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:34:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:35:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imgfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:37:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char argument[MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:128:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:45:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char ctype[MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:49:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:50:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_area_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:127:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:128:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_json [1024]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:199:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename [MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:200:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr [MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:201:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:262:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:333:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:334:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_area_file, "_area.fits"); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:428:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Need columns: cntr,fname, crpix1, crpix2, cdelt1, cdelt2, naxis1, naxis2, crval1, crval2, naxis3 in image list"); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:491:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr[nfile] = atoi(tval(icntr)); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:505:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis1[nfile] = atoi(tval(inaxis1)); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:506:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis2[nfile] = atoi(tval(inaxis2)); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:507:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis3[nfile] = atoi(tval(inaxis3)); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:508:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). innaxis4[nfile] = atoi(tval(inaxis4)); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:599:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[nfile], ".fits"); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:601:9: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[nfile], "_area.fits"); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1520:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Too many open files"); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1553:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Too many open files"); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:1594:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Input wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2000:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "time=%.1f", (double)(currtime - start)); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2001:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_json, "{\"time\":%.1f}", (double)(currtime - start)); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2025:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2026:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headerStr[HDRLEN]; data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2038:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2081:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Bad WCS in header template."); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2145:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[0] = atoi(value); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2146:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[0] = atoi(value); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2151:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2152:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[1] = atoi(value); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2157:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[2] = atoi(value); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2158:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[2] = atoi(value); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2171:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[3] = atoi(value); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2172:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[3] = atoi(value); data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2215:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/ArchiveExec/mArchiveExec.c:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile[MAXSTR]; data/montage-6.0+dfsg/MontageLib/ArchiveExec/mArchiveExec.c:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ArchiveExec/mArchiveExec.c:58:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). debug = atoi(optarg); data/montage-6.0+dfsg/MontageLib/ArchiveExec/mArchiveExec.c:66:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). timeout = atoi(optarg); data/montage-6.0+dfsg/MontageLib/ArchiveExec/mArchiveExec.c:70:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nrestart = atoi(optarg); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:52:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:53:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char urlbase [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:54:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:55:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filebase[MAXSTR]; data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:56:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:58:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:59:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char status [32]; data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:197:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). imin = atoi(tval(iimin)); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:198:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). imax = atoi(tval(iimax)); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:199:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jmin = atoi(tval(ijmin)); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:200:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jmax = atoi(tval(ijmax)); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:269:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->msg, "count=%d, failed=%d", count, failed); data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:271:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"count\":%d, \"failed\":%d}", count, failed); data/montage-6.0+dfsg/MontageLib/ArchiveGet/mArchiveGet.c:29:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char urlStr [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ArchiveGet/mArchiveGet.c:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAXSTR]; data/montage-6.0+dfsg/MontageLib/ArchiveGet/mArchiveGet.c:56:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). timeout = atoi(optarg); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:55:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char timestr[1024]; data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:63:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char retval[32768]; data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:67:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(timestr, "%d", timeout); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:101:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdv[0], "wget"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:102:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdv[1], "-nv"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:103:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdv[2], "-T"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:105:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(cmdv[4], "-O"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:185:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). retcode = atoi(begin); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:197:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Retrieval failed. HTTP return code: %d.", retcode); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:216:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Cannot write to output file."); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:231:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Unable to resolve URL."); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:272:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "count=%d", imgsize); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:273:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"count\":%d}", imgsize); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:291:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdv[0], "curl"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:292:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdv[1], "-s"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:293:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdv[2], "-L"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:294:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdv[3], "-m"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:296:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdv[5], "-w"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:297:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdv[6], "%{size_download}:%{http_code}"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:298:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdv[7], "-o"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:375:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). retcode = atoi(begin); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:379:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Retrieval failed. HTTP return code: %d.", retcode); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:395:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Retrieval failed. Check URL and file permissions."); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:407:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->msg, "count=%d", imgsize); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:408:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"count\":%d}", imgsize); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:428:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Need either wget or curl executables in your path."); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:440:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf [4096]; data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:441:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile[4096]; data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:463:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fin = fopen(infile, "r"); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:464:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(outfile, "w+"); data/montage-6.0+dfsg/MontageLib/ArchiveList/mArchiveList.c:18:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char survey [STRLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/mArchiveList.c:19:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char band [STRLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/mArchiveList.c:20:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char locstr [STRLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/mArchiveList.c:21:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char outfile [STRLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:26:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:62:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:63:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request [MAXLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:64:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base [MAXLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char constraint[MAXLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server [MAXLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source [MAXLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:73:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pserver [MAXLEN]; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:111:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(server, "montage-web.ipac.caltech.edu"); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:115:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(base, "/cgi-bin/ArchiveList/nph-archivelist?"); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:130:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(outfile, "w+"); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:248:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "count=%d", count); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:249:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"count\":%d}", count); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:277:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Couldn't create socket()"); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:283:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:390:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(montage_msgstr, "Invalid URL string (must start 'http://')"); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:431:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *port = atoi(portPtr); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:437:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Illegal port number in URL"); data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:26:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:28:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tblfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:29:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char corrfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:62:31: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(argv[i+1], "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:239:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr = atoi(tval(icntr)); data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:282:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
id = atoi(tval(icntr)); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:103:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:104:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_area_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:105:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:106:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char inarea [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:107:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:119:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:161:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile, ".fits"); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:163:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea, "_area.fits"); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:168:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile, ".fits"); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:170:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea, "_area.fits"); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:178:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:179:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_area_file, "_area.fits"); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:624:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "time=%.1f", (double)(currtime - start)); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:625:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"time\":%.1f}", (double)(currtime - start)); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:645:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char errstr[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:735:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/BestImage/mBestImage.c:24:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/BestImage/mBestImage.c:25:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statfile[MAXSTR]; data/montage-6.0+dfsg/MontageLib/BestImage/mBestImage.c:54:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(statfile, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:32:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bestURL [MAXSTR]; data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bestName[MAXSTR]; data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80000]; data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:70:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[80]; data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:101:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ctype1[16]; data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:102:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[16]; data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:120:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url [MAXSTR]; data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:121:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[MAXSTR]; data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:234:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Need columns: fname ctype1 ctype2 nl ns crval1 crval2 crpix1 crpix2 cdelt1 cdelt2 and crota2 or cd matrix / ra dec ra1 ... dec4"); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:243:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Need columns: fname ctype1 ctype2 nl ns crval1 crval2 crpix1 crpix2 cdelt1 cdelt2 and crota2 or cd matrix / ra dec ra1 ... 
dec4"); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:252:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Need columns: fname ctype1 ctype2 nl ns crval1 crval2 crpix1 crpix2 cdelt1 cdelt2 and crota2 or cd matrix / ra dec ra1 ... dec4"); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:264:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(bestName, "No name"); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:265:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(bestURL, "No URL"); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:285:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(ins >= 0) naxis1 = atoi(tval(ins)); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:286:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if(inl >= 0) naxis2 = atoi(tval(inl)); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:316:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). equinox = atoi(tval(iequinox)); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:325:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hdu = atoi(tval(ihdu)); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:391:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:392:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:393:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:394:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "NAXIS1 = %d", naxis1 ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:395:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", naxis2 ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:398:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %11.6f", crval1 ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:399:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %11.6f", crval2 ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:400:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %11.6f", crpix1 ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:401:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %11.6f", crpix2 ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:404:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
{sprintf(temp, "CDELT1 = %11.6f", cdelt1 ); mBestImage_stradd(header, temp);} data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:407:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. {sprintf(temp, "CDELT2 = %11.6f", cdelt2 ); mBestImage_stradd(header, temp);} data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:410:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. {sprintf(temp, "CROTA2 = %11.6f", crota2 ); mBestImage_stradd(header, temp);} data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:413:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. {sprintf(temp, "CD1_1 = %11.6f", cd1_1 ); mBestImage_stradd(header, temp);} data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:416:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. {sprintf(temp, "CD1_2 = %11.6f", cd1_2 ); mBestImage_stradd(header, temp);} data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:419:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. {sprintf(temp, "CD2_1 = %11.6f", cd2_1 ); mBestImage_stradd(header, temp);} data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:422:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
{sprintf(temp, "CD2_2 = %11.6f", cd2_2 ); mBestImage_stradd(header, temp);} data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:424:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", equinox); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:425:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); mBestImage_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:446:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Bad WCS for image %d", nimages); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:685:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "No image covers this point"); data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:34:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:35:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tblfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:37:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char corrdir [MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:74:38: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:72:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:73:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifile[MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:74:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ofile[MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:76:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:155:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Need columns: cntr and fname in image list"); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:164:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr = atoi(tval(icntr)); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:234:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Need columns: id,a,b,c in corrections file"); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:248:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
id = atoi(tval(iid)); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:288:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr = atoi(tval(icntr)); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:334:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "count=%d, nocorrection=%d, failed=%d", count, nocorrection, failed); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:336:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"count\":%d, \"nocorrection\":%d, \"failed\":%d}", data/montage-6.0+dfsg/MontageLib/BgModel/mBgModel.c:24:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imgfile[MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgModel/mBgModel.c:25:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitfile[MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgModel/mBgModel.c:26:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char corrtbl[MAXSTR]; data/montage-6.0+dfsg/MontageLib/BgModel/mBgModel.c:75:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:316:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(corrtbl, "w+"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:355:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Need columns: cntr nl ns crpix1 crpix2 in image info file"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:378:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "malloc() failed (ImgInfo)"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:392:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
imgs[nimages].cntr = atoi(tval(icntr)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:393:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). imgs[nimages].naxis1 = atoi(tval(ins)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:394:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). imgs[nimages].naxis2 = atoi(tval(inl)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:417:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "realloc() failed (ImgInfo) [1]"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:481:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Need columns: plus minus a b c crpix1 crpix2 xmin xmax ymin ymax xcenter ycenter npixel rms boxx boxy boxwidth boxheight boxang"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:504:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "malloc() failed (FitInfo)"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:517:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].plus = atoi(tval(iplus)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:518:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].minus = atoi(tval(iminus)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:524:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].xmin = atoi(tval(ixmin)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:525:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].xmax = atoi(tval(ixmax)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:526:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
fits[nfits].ymin = atoi(tval(iymin)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:527:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].ymax = atoi(tval(iymax)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:569:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "realloc() failed (FitInfo) [%lu] [2]", maxfits * sizeof(struct FitInfo)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:579:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].plus = atoi(tval(iminus)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:580:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].minus = atoi(tval(iplus)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:584:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
fits[nfits].xmin = atoi(tval(ixmin)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:585:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].xmax = atoi(tval(ixmax)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:586:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].ymin = atoi(tval(iymin)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:587:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fits[nfits].ymax = atoi(tval(iymax)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:616:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "realloc() failed (FitInfo) [%lu] [3]", maxfits * sizeof(struct FitInfo)); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:643:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->msg, "malloc() failed (CorrInfo)"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:671:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "malloc() failed (FitInfo *)"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:713:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "realloc() failed (CorrInfo) [4]"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:741:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "malloc() failed (FitInfo *)"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:788:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "realloc() failed (FitInfo *) [5]"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:796:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Debug reference image out of range (0 - %d)", ncorrs-1); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:1208:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->msg, "Invalid fit type"); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:1357:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->json, "{}"); data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile [1024]; data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:37:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile [1024]; data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:38:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hdrfile [1024]; data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:39:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char mode [1024]; data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:40:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [1024]; data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:75:45: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(argc > i+1 && (montage_status = fopen(argv[i+1], "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:147:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proj[16]; data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:172:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[256]; data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:173:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char ctype2[256];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:204:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpHeader[1600];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:205:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[80];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:207:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname [1024];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:208:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullname[1024];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:210:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[1024];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:212:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char field [512][MTBL_MAXSTR];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:214:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmt [64];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:215:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value [512][MTBL_MAXSTR];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:216:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpstr [MTBL_MAXSTR];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:217:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:236:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(in.sys, "EQ");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:237:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(in.fmt, "DDR");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:238:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(in.epoch, "J2000");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:240:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out.sys, "EQ");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:241:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out.fmt, "SEXC");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:242:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out.epoch, "J2000");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:294:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Too few vertices for region (must be at least three)");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:332:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Failed to find bounding polygon for points");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:396:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Too few arguments for box or cutout (must at least have center and size)");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:412:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "X box size (%-g) must be a positive number", box_xsize);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:425:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Y box size (%-g) must be a positive number", box_ysize);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:433:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "SIMPLE = T" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:434:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "BITPIX = -64" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:435:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS = 2" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:436:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS1 = %d", 1000 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:437:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS2 = %d", 1000 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:440:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL1 = %14.9f", center_ra ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:441:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL2 = %14.9f", center_dec ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:442:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX1 = %14.9f", 500.5 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:443:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX2 = %14.9f", 500.5 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:444:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CDELT1 = %14.9f", box_xsize/1000.); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:445:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CDELT2 = %14.9f", box_ysize/1000.); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:446:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CROTA2 = %14.9f", box_rotation ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:447:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "EQUINOX = %d", 2000 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:448:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "END" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:628:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Failed to find bounding polygon for points");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:691:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Too few arguments (must at least have coordinates)");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:730:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Too few arguments for point (must have coordinates)");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:764:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(outfile, "w+");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:873:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "CUTOUT mode needs a valid 'fname' or 'file' column");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:909:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Need either WCS or corner columns.");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:946:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  equinox = atoi(tval(iequinox));
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:951:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nl = atoi(tval(inl));
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:952:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ns = atoi(tval(ins));
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1039:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "SIMPLE = T" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1040:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "BITPIX = -64" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1041:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS = 2" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1042:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS1 = %d", ns ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1043:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS2 = %d", nl ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1046:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL1 = %14.9f", crval1 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1047:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL2 = %14.9f", crval2 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1048:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX1 = %14.9f", crpix1 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1049:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX2 = %14.9f", crpix2 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1050:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CDELT1 = %14.9f", cdelt1 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1051:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CDELT2 = %14.9f", cdelt2 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1052:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CROTA2 = %14.9f", crota2 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1053:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "EQUINOX = %d", equinox); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1054:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "END" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1074:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Failed to create wcs structure for record %d.", nrow);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1458:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  equinox = atoi(tval(iequinox));
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1463:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nl = atoi(tval(inl));
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1464:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ns = atoi(tval(ins));
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1562:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "SIMPLE = T" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1563:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "BITPIX = -64" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1564:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS = 2" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1565:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS1 = %d", ns ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1566:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS2 = %d", nl ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1569:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL1 = %14.9f", crval1 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1570:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL2 = %14.9f", crval2 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1571:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX1 = %14.9f", crpix1 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1572:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX2 = %14.9f", crpix2 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1573:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CDELT1 = %14.9f", cdelt1 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1574:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CDELT2 = %14.9f", cdelt2 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1575:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CROTA2 = %14.9f", crota2 ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1576:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "EQUINOX = %d", equinox); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1577:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "END" ); mCoverageCheck_stradd(tmpHeader, temp);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1631:22: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Input wcsinit() failed.");
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1699:15: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Failed to create wcs structure for record %d.", nrow);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1998:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%d", naxis1);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2002:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%d", naxis2);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2006:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%.2f", crpix1);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2010:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%.2f", crpix2);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2014:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", new_center_ra);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2018:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", new_center_dec);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2030:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", crval1);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2034:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", crval2);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2038:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", point_ra[0]);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2042:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", point_dec[0]);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2046:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", point_ra[1]);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2050:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", point_dec[1]);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2054:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", point_ra[2]);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2058:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", point_dec[2]);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2062:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", point_ra[3]);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2066:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpstr, "%f", point_dec[3]);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2075:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmt, "%%%ds", tbl_rec[ifield[ii]].colwd-1);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2077:21: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmt, " %%%ds", tbl_rec[ifield[ii]].colwd-1);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2221:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "count=%d", nimages);
data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2222:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->json, "{\"count\":%d}", nimages);
data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:25:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_file1 [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:26:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char input_file2 [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:28:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Diff/mDiff.c:69:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:68:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:69:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_json [1024]; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:137:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:139:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile[2][MAXSTR]; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:140:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inarea[2][MAXSTR]; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:142:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:143:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_area_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:177:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char c[8]; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:217:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:218:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_area_file, "_area.fits"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:243:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[0], ".fits"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:245:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[0], "_area.fits"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:250:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[0], ".fits"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:252:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[0], "_area.fits"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:264:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[1], ".fits"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:266:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[1], "_area.fits"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:271:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infile[1], ".fits"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:273:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inarea[1], "_area.fits"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1447:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(montage_msgstr, "time=%.1f, min_pixel=%-g, max_pixel=%-g, min_diff=%-g, max_diff=%-g", data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1450:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_json, "{\"time\":%.1f, \"min_pixel\":\"%-g\", \"max_pixel\":\"%-g\", \"min_diff\":\"%-g\", \"max_diff\":\"%-g\"}", data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1479:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1486:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1578:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[0] = atoi(value); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1579:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
output_area.naxes[0] = atoi(value); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1584:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1585:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[1] = atoi(value); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1616:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1674:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:34:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:35:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffdir [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:73:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:63:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char fname1 [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:64:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname2 [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffname[MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:133:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Need columns: plus minus diff"); data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:176:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "count=%d, failed=%d", count, failed); data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:178:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->json, "{\"count\":%d, \"failed\":%d}", count, failed); data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:37:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:38:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:39:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffdir [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:40:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:88:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname1 [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname2 [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:68:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffname[MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char rmname [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:70:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:116:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(fitfile, "w+"); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:120:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't open output file."); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:151:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Need columns: cntr1 cntr2 plus minus diff"); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:178:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:179:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:260:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(rmname, "_area.fits"); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:280:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "count=%d, diff_failed=%d, fit_failed=%d, warning=%d", data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:283:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"count\":%d, \"diff_failed\":%d, \"fit_failed\":%d, \"warning\":%d}", data/montage-6.0+dfsg/MontageLib/Examine/mExamine.c:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile[1024]; data/montage-6.0+dfsg/MontageLib/Examine/mExamine.c:56:45: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if(argc > i+1 && (montage_status = fopen(argv[i+1], "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:42:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_json [1024]; data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:88:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstr[32768]; data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:90:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proj[32]; data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:92:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char csys_str[64]; data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:94:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[256]; data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:95:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[256]; data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:174:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:223:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't find HDU %d", hdu); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:258:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "WCS initialization failed."); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:301:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(csys_str, "EQUJ"); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:307:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(csys_str, "EQUJ"); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:313:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(csys_str, "EQUB"); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:320:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(csys_str, "GAL"); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:326:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(csys_str, "GAL"); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:333:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(csys_str, "ECLJ"); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:339:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(csys_str, "ECLB"); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:468:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Location off the image."); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:485:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Location off the image."); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:716:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"equinox\":%.1f,", equinox); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:717:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"naxis\":%ld,", naxis); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:718:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"naxis1\":%d,", (int)naxis1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:719:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"naxis2\":%d,", (int)naxis2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:723:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"naxis3\":%ld,", naxes[2]); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:728:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"naxis4\":%ld,", naxes[3]); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:731:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"crval1\":%.7f,", crval1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:732:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"crval2\":%.7f,", crval2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:733:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"crpix1\":%-g,", crpix1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:734:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"crpix2\":%-g,", crpix2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:735:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
    sprintf(tmpstr, " \"cdelt1\":%.7f,", cdelt1); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:736:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"cdelt2\":%.7f,", cdelt2); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:737:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"crota2\":%.4f,", crota2); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:738:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"lonc\":%.7f,", lonc); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:739:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"latc\":%.7f,", latc); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:740:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"ximgsize\":%.6f,", fabs(naxis1*cdelt1)); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:741:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"yimgsize\":%.6f,", fabs(naxis1*cdelt2)); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:742:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"rotequ\":%.4f,", rot); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:743:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"rac\":%.7f,", rac); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:744:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"decc\":%.7f,", decc); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:745:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"ra1\":%.7f,", ra1); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:746:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"dec1\":%.7f,", dec1); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:747:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"ra2\":%.7f,", ra2); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:748:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"dec2\":%.7f,", dec2); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:749:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"ra3\":%.7f,", ra3); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:750:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"dec3\":%.7f,", dec3); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:751:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"ra4\":%.7f,", ra4); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:752:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"dec4\":%.7f,", dec4); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:753:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"radius\":%.7f,", radius); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:754:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"radpix\":%.2f,", rpix); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:755:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"npixel\":%d,", npix); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:756:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"nnull\":%d,", nnull); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:757:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"aveflux\":%-g,", mean); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:758:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"rmsflux\":%-g,", rms); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:759:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"fluxref\":%-g,", val); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:760:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"sigmaref\":%-g,", sigmaref); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:761:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"xref\":%.0f,", valx); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:762:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"yref\":%.0f,", valy); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:763:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"raref\":%.7f,", valra); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:764:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"decref\":%.7f,", valdec); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:765:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"fluxmin\":%-g,", min); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:766:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"sigmamin\":%-g,", sigmamin); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:767:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"xmin\":%.0f,", minx); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:768:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"ymin\":%.0f,", miny); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:769:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"ramin\":%.7f,", minra); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:770:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"decmin\":%.7f,", mindec); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:771:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"fluxmax\":%-g,", max); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:772:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"sigmamax\":%-g,", sigmamax); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:773:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"xmax\":%.0f,", maxx); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:774:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"ymax\":%.0f,", maxy); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:775:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"ramax\":%.7f,", maxra); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:776:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"decmax\":%.7f", maxdec); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:781:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " equinox=%.1f,", equinox); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:782:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " naxis=%ld,", naxis); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:783:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " naxis1=%d,", (int)naxis1); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:784:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " naxis2=%d,", (int)naxis2); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:788:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " naxis3=%ld,", naxes[2]); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:793:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " naxis4=%ld,", naxes[3]); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:796:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " crval1=%.7f,", crval1); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:797:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " crval2=%.7f,", crval2); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:798:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " crpix1=%-g,", crpix1); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:799:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " crpix2=%-g,", crpix2); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:800:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " cdelt1=%.7f,", cdelt1); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:801:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " cdelt2=%.7f,", cdelt2); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:802:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " crota2=%.4f,", crota2); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:803:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " lonc=%.7f,", lonc); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:804:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " latc=%.7f,", latc); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:805:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " ximgsize=%.6f,", fabs(naxis1*cdelt1)); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:806:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " yimgsize=%.6f,", fabs(naxis1*cdelt2)); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:807:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " rotequ=%.4f,", rot); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:808:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " rac=%.7f,", rac); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:809:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " decc=%.7f,", decc); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:810:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " ra1=%.7f,", ra1); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:811:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " dec1=%.7f,", dec1); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:812:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " ra2=%.7f,", ra2); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:813:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " dec2=%.7f,", dec2); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:814:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " ra3=%.7f,", ra3); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:815:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " dec3=%.7f,", dec3); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:816:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " ra4=%.7f,", ra4); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:817:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " dec4=%.7f,", dec4); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:818:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " radius=%.7f,", radius); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:819:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " radpix=%.2f,", rpix); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:820:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " npixel=%d,", npix); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:821:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " nnull=%d,", nnull); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:822:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " aveflux=%-g,", mean); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:823:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " rmsflux=%-g,", rms); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:824:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " fluxref=%-g,", val); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:825:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " sigmaref=%-g,", sigmaref); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:826:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " xref=%.0f,", valx); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:827:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " yref=%.0f,", valy); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:828:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " raref=%.7f,", valra); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:829:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " decref=%.7f,", valdec); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:830:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " fluxmin=%-g,", min); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:831:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " sigmamin=%-g,", sigmamin); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:832:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " xmin=%.0f,", minx); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:833:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " ymin=%.0f,", miny); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:834:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " ramin=%.7f,", minra); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:835:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " decmin=%.7f,", mindec); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:836:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " fluxmax=%-g,", max); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:837:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " sigmamax=%-g,", sigmamax); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:838:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " xmax=%.0f,", maxx); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:839:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " ymax=%.0f,", maxy); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:840:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " ramax=%.7f,", maxra); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:841:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " decmax=%.7f", maxdec); strcat(montage_msgstr, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:872:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(returnStruct->msg, "Error reading FITS data.");
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:995:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"equinox\":%.1f,", equinox); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:996:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"naxis\":%ld,", naxis); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:997:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"naxis1\":%d,", (int)naxis1); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:998:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"naxis2\":%d,", (int)naxis2); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1002:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"naxis3\":%ld,", naxes[2]); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1007:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"naxis4\":%ld,", naxes[3]); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1010:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"crval1\":%.7f,", crval1); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1011:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"crval2\":%.7f,", crval2); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1012:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"crpix1\":%-g,", crpix1); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1013:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"crpix2\":%-g,", crpix2); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1014:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"cdelt1\":%.7f,", cdelt1); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1015:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"cdelt2\":%.7f,", cdelt2); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1016:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmpstr, " \"crota2\":%.4f,", crota2); strcat(montage_json, tmpstr);
data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1017:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpstr, " \"lonc\":%.7f,", lonc); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1018:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"latc\":%.7f,", latc); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1019:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"ximgsize\":%.6f,", fabs(naxis1*cdelt1)); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1020:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"yimgsize\":%.6f,", fabs(naxis1*cdelt2)); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1021:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"rotequ\":%.4f,", rot); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1022:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"rac\":%.7f,", rac); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1023:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(tmpstr, " \"decc\":%.7f,", decc); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1024:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"ra1\":%.7f,", ra1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1025:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"dec1\":%.7f,", dec1); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1026:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"ra2\":%.7f,", ra2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1027:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"dec2\":%.7f,", dec2); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1028:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"ra3\":%.7f,", ra3); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1029:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(tmpstr, " \"dec3\":%.7f,", dec3); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1030:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"ra4\":%.7f,", ra4); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1031:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"dec4\":%.7f,", dec4); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1032:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " \"totalflux\":%.7e", ap[nflux/2].sum); strcat(montage_json, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1036:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " equinox=%.1f,", equinox); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1037:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " naxis=%ld,", naxis); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1038:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(tmpstr, " naxis1=%d,", (int)naxis1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1039:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " naxis2=%d,", (int)naxis2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1043:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " naxis3=%ld,", naxes[2]); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1048:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " naxis4=%ld,", naxes[3]); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1051:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " crval1=%.7f,", crval1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1052:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " crval2=%.7f,", crval2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1053:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(tmpstr, " crpix1=%-g,", crpix1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1054:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " crpix2=%-g,", crpix2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1055:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " cdelt1=%.7f,", cdelt1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1056:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " cdelt2=%.7f,", cdelt2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1057:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " crota2=%.4f,", crota2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1058:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " lonc=%.7f,", lonc); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1059:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(tmpstr, " latc=%.7f,", latc); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1060:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " ximgsize=%.6f,", fabs(naxis1*cdelt1)); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1061:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " yimgsize=%.6f,", fabs(naxis1*cdelt2)); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1062:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " rotequ=%.4f,", rot); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1063:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " rac=%.7f,", rac); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1064:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " decc=%.7f,", decc); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1065:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(tmpstr, " ra1=%.7f,", ra1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1066:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " dec1=%.7f,", dec1); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1067:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " ra2=%.7f,", ra2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1068:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " dec2=%.7f,", dec2); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1069:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " ra3=%.7f,", ra3); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1070:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " dec3=%.7f,", dec3); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1071:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(tmpstr, " ra4=%.7f,", ra4); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1072:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " dec4=%.7f,", dec4); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1073:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpstr, " totalflux=%.7e", ap[nflux/2].sum); strcat(montage_msgstr, tmpstr); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1194:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). planes[count] = atoi(ptr); data/montage-6.0+dfsg/MontageLib/FitExec/mFitExec.c:34:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/FitExec/mFitExec.c:35:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/FitExec/mFitExec.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffdir [MAXSTR]; data/montage-6.0+dfsg/MontageLib/FitExec/mFitExec.c:67:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/FitExec/montageFitExec.c:71:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffname[MAXSTR]; data/montage-6.0+dfsg/MontageLib/FitExec/montageFitExec.c:111:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(fitfile, "w+"); data/montage-6.0+dfsg/MontageLib/FitExec/montageFitExec.c:115:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Can't open output file."); data/montage-6.0+dfsg/MontageLib/FitExec/montageFitExec.c:141:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(returnStruct->msg, "Need columns: cntr1 cntr2 diff"); data/montage-6.0+dfsg/MontageLib/FitExec/montageFitExec.c:167:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/MontageLib/FitExec/montageFitExec.c:168:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/MontageLib/FitExec/montageFitExec.c:226:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "count=%d, failed=%d, warning=%d, missing=%d", data/montage-6.0+dfsg/MontageLib/FitExec/montageFitExec.c:229:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"count\":%d, \"failed\":%d, \"warning\":%d, \"missing\":%d}", data/montage-6.0+dfsg/MontageLib/Fitplane/mFitplane.c:45:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char input_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Fitplane/mFitplane.c:104:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:51:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_json [1024]; data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:128:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:583:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(montage_msgstr, "a=%-g, b=%-g, c=%-g, crpix1=%-g, crpix2=%-g, xmin=%-g, xmax=%-g, ymin=%-g, ymax=%-g, xcenter=%-g, ycenter=%-g, npixel=%-g, rms=%-g, boxx=%-g, boxy=%-g, boxwidth=%-g, boxheight=%-g, boxang=%-g", data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:588:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_json, "{\"a\":%-g, \"b\":%-g, \"c\":%-g, \"crpix1\":%-g, \"crpix2\":%-g, \"xmin\":%-g, \"xmax\":%-g, \"ymin\":%-g, \"ymax\":%-g, \"xcenter\":%-g, \"ycenter\":%-g, \"npixel\":%-g, \"rms\":%-g, \"boxx\":%-g, \"boxy\":%-g, \"boxwidth\":%-g, \"boxheight\":%-g, \"boxang\":%-g}", data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:629:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:32:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char output_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:46:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:45:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:46:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_json [1024]; data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:139:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:150:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen("/tmp/jcg.debug", "w+"); data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:524:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "rangeCount=%d, nanCount=%d, boundaryCount=%d", countRange, countNaN, bcount); data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:525:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_json, "{\"rangeCount\":%d, \"nanCount\":%d, \"boundaryCount\":%d}", countRange, countNaN, bcount); data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:552:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR]; data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:621:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/GetHdr/mGetHdr.c:29:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile [1024]; data/montage-6.0+dfsg/MontageLib/GetHdr/mGetHdr.c:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char hdrfile[1024]; data/montage-6.0+dfsg/MontageLib/GetHdr/mGetHdr.c:55:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:33:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:56:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileBase[1024]; data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [1024]; data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:58:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword [1024]; data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char card[256]; data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:102:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(hdrfile, "w+"); data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:106:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't open output header file."); data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:336:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "ncard=%d", ncard); data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:337:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"ncard\":%d}", ncard); data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:354:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:25:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile [MAXLEN]; data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:26:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bandStr [MAXLEN]; data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char band2MASS [MAXLEN]; data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:28:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char locstr [MAXLEN]; data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:29:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csys [MAXLEN]; data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:42:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(csys, "eq"); data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:102:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:27:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXLEN]; data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request [MAXLEN]; data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base [MAXLEN]; data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:68:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char constraint[MAXLEN];
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char server [MAXLEN];
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:77:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pserver [MAXLEN];
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:99:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(server, "montage.ipac.caltech.edu");
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:103:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(base, "/cgi-bin/HdrTemplate/nph-hdr?");
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:115:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(outfile, "w+");
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:218:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "count=%d", count);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:219:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->json, "{\"count\":%d}", count);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:248:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Couldn't create socket()");
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:254:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:359:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Invalid URL string (must start 'http://')");
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:400:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *port = atoi(portPtr);
data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:406:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Illegal port number in URL");
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:25:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grayfile [1024];
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:26:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char histfile [1024];
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grayminstr [256];
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:28:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char graymaxstr [256];
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:29:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char graytype [256];
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char graybetastr [256];
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:78:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(graytype, "power");
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:84:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(graytype, "gaussian");
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:89:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(graytype, "gaussianlog");
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:96:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(graytype, "asinh");
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:98:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
Risk is low because the source is a constant string.
  strcpy(graybetastr, "2s");
data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:108:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(graytype, "linear");
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:136:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(returnStruct->msg, "No input FITS file name given");
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:158:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Can't find HDU %d", hdu);
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:165:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(returnStruct->msg, "No output histogram file name given.");
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:170:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(histfile, "w+");
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:174:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(returnStruct->msg, "Cannot open output histogram file.");
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:184:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(returnStruct->msg, "Grayscale/pseudocolor mode but no gray image given");
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:312:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "min=%-g, minpercent=%.2f, minsigma=%.2f, max=%-g, maxpercent=%.2f, maxsigma=%.2f, datamin=%-g, datamax=%-g",
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:317:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->json, "{\"min\":%-g, \"minpercent\":%.2f, \"minsigma\":%.2f, \"max\":%-g, \"maxpercent\":%.2f, \"maxsigma\":%.2f, \"datamin\":%-g, \"datamax\":%-g}",
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:379:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  planes[count] = atoi(ptr);
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:397:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:589:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:39:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathname [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:40:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tblname [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:41:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imgListFile [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:42:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fieldListFile[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:102:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.h:7:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[1024];
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.h:10:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[16];
data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.h:11:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype2[16];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:95:5: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377).
  int mkstemp(char *template);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name [128];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type [128];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:114:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value [128];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:115:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char defval[128];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:125:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cname [9][32] = {"NAXIS", "NAXIS3", "CRVAL3", "CDELT3", "CRPIX3", "NAXIS4", "CRVAL4", "CDELT4", "CRPIX4"};
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:126:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ctype [9][32] = {"int", "int", "double", "double", "double", "int", "double", "double", "double"};
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:140:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:198:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathname [1024];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:199:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [1024];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:246:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(pathname, "./");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:263:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((ffields = fopen(fieldListFile, "r")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:323:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fields[nfields].width = atoi(pwidth);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:331:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Illegal field name (line %d)", nfields);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:338:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Illegal field type (line %d)", nfields);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:427:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  tblf = fopen(tblname, "w+");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:431:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Can't open output table.");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:457:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Image table needs column fname/file");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:487:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "count=%d, nfile=%d, nhdu=%d, badfits=%d, badwcs=%d",
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:490:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->json, "{\"count\":%d, \"nfile\":%d, \"nhdu\":%d, \"badfits\":%d, \"badwcs\":%d}",
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:509:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname [MAXLEN], msg [MAXLEN];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:510:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempfile[MAXLEN], cmd [MAXLEN];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:511:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname [MAXLEN];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:585:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(tempfile, "/tmp/IMXXXXXX");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:587:21: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377).
  fd = mkstemp(tempfile);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:591:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Can't create temporary input file for gunzip output.");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:626:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirname[MAXSTR], msg[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:627:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempfile[MAXSTR], cmd[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:726:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(tempfile, "/tmp/IMTXXXXXX");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:728:24: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377).
  fd = mkstemp(tempfile);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:732:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Can't create temporary input table.");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:770:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[1024], comment[1024], *ptr;
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1185:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hdr_rec->ns = atoi(value);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1190:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hdr_rec->nl = atoi(value);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1416:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmt[32];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1417:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpname[256];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1421:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(in.sys, "EQ");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1422:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(in.fmt, "DDR");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1423:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(in.epoch, "J2000");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1425:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out.sys, "EQ");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1426:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out.fmt, "SEXC");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1427:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(out.epoch, "J2000");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1440:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmt, "%%%ds|", fields[i].width);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1456:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmt, "%%%ds|", fields[i].width);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1472:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmt, "%%%ds|", fields[i].width);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1487:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmt, "%%%ds|", fields[i].width);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1520:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmt, " %%%ds", fields[i].width);
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1550:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[MAXLEN], tempfile[1024];
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1555:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fdata = fopen(tblname, "r");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1559:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Can't open copy table.");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1566:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ftmp = fopen(tempfile, "w+");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1570:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Can't open temporary input table.");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1596:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ftmp = fopen(tempfile, "r");
data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1600:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(montage_msgstr, "Can't open tmp (out) table."); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1604:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdata = fopen(tblname, "w+"); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1608:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Can't open final table."); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1636:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "|\n"); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1638:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, " \n"); data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:32:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template [MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csys [MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:76:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pad = atoi(optarg); data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:91:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maxPixel = atoi(optarg); data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:111:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:138:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(csys, "EQUJ"); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:81:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[16]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:82:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[16]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:98:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:99:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_json [1024]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:175:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char epochStr [MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:176:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csysStr [MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:177:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csys [MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:178:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:179:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tfile [MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:207:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[1600]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:208:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[80]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:262:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Memory allocation failure."); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:295:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Invalid system string. Must be EQUJ|EQUB|ECLJ|ECLB|GAL|SGAL"); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:302:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(template, "w+"); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:306:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't open output header file."); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:562:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Need columns: ctype1 ctype2 nl ns crval1 crval2 crpix1 crpix2 cdelt1 cdelt2 crota2 (equinox optional). 
Four corners (equatorial) will be used if they exist or even just a single set of coordinates"); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:723:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). colNaxis = atoi(tval(inaxis)); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:749:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). colNaxis3 = atoi(tval(inaxis3)); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:766:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). colNaxis4 = atoi(tval(inaxis4)); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:933:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). input.naxis1 = atoi(tval(ins)); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:934:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). input.naxis2 = atoi(tval(inl)); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:945:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). input.equinox = atoi(tval(iequinox)); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:951:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:952:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:953:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:954:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", input.naxis1 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:955:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", input.naxis2 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:958:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %14.9f", input.crval1 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:959:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %14.9f", input.crval2 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:960:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %14.9f", input.crpix1 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:961:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %14.9f", input.crpix2 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:962:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %14.9f", input.cdelt1 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:963:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CDELT2 = %14.9f", input.cdelt2 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:964:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = %14.9f", input.crota2 ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:965:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", input.equinox); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:966:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); mMakeHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:977:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Bad WCS for image %d", nimages); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1104:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Memory allocation failure."); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1238:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(msg, " Cube columns exist but are either blank or inconsistent; outputting 2D only."); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1289:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Error computing boundaries."); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1459:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "Cube columns exist but are either blank or inconsistent. Outputting 2D only."); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1463:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "count=%d, ncube=%d, naxis1=%d, naxis2=%d, clon=%.6f, clat=%.6f, loncize=%.6f, latsize=%.6f, posang=%.6f, lon1=%.6f, lat1=%.6f, lon2=%.6f, lat2=%.6f, lon3=%.6f, lat3=%.6f, lon4=%.6f, lat4=%.6f", data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1475:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_json, "{\"count\"=%d, \"ncube\"=%d, \"naxis1\"=%d, \"naxis2\"=%d, \"clon\"=%.6f, \"clat\"=%.6f, \"lonsize\"=%.6f, \"latsize\"=%.6f, \"posang\"=%.6f, \"lon1\"=%.6f, \"lat1\"=%.6f, \"lon2\"=%.6f, \"lat2\"=%.6f, \"lon3\"=%.6f, \"lat3\"=%.6f, \"lon4\"=%.6f, \"lat4\"=%.6f}", data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1583:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1585:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80000]; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1592:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1596:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Template file not found."); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1627:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Output wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:21:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdstr [MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:22:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [STRLEN]; data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:23:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template[STRLEN]; data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:24:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outFile [STRLEN]; data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:25:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jsonFile[STRLEN]; data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:26:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jsonStr [MAXSTR]; data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:53:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
debug = atoi(argv[i+1]); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:126:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(jsonFile, "r"); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:81:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:82:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_json [1024]; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:169:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valstr [STRLEN]; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:170:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char keystr [STRLEN]; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:171:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dataType[STRLEN]; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:172:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csys [STRLEN]; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:173:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char usage [STRLEN]; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:174:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char coordStr[STRLEN]; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:207:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[4096]; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:221:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:283:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(usage, "Usage: mMakeImg [-d level] [-r(eplace)] [-n noise_level] [-b bg1 bg2 bg3 bg4] [-t tblfile col width csys epoch refval mag/flux flat/gaussian] [-i imagetbl refval] [-a array.txt] template.hdr out.fits (-t and -i args can be repeated)"); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:445:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Invalid JSON structure."); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:461:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Noise level parameter must a number greater than zero."); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:476:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Background levels must numbers."); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:491:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Background levels must numbers."); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:506:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Background levels must numbers."); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:521:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Background levels must numbers."); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:538:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "datasets[%d]", ndataset); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:543:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "datasets[%d].type", ndataset); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:547:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Dataset %d has no 'type' attribute.", ndataset); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:553:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(keystr, "datasets[%d].file", ndataset); // Catalog file data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:560:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "No file name given for catalog."); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:565:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "datasets[%d].column", ndataset); // Flux/mag column name data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:572:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "No column name given for catalog."); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:577:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "datasets[%d].width", ndataset); // Source width data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:588:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "datasets[%d].shape", ndataset); // Source shape data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:603:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(returnStruct->msg, "Shape parameter must be 'flat' or 'gaussian'.");
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:609:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(keystr, "datasets[%d].refval", ndataset); // Reference data value
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:620:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(keystr, "datasets[%d].mode", ndataset); // Flux mode
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:634:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(keystr, "datasets[%d].csys", ndataset); // Coordinate system
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:636:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(csys, "EQU J2000");
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:651:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(keystr, "datasets[%d].file", ndataset); // Catalog file
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:658:16: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(returnStruct->msg, "No file name given for catalog.");
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:663:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(keystr, "datasets[%d].refval", ndataset); // Reference data value
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:747:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
farray = fopen(arrayfile, "r");
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:978:16: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(returnStruct->msg, "Can't find lon, lat columns.");
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1164:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(returnStruct->msg, "Can't find image center or four corners.");
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1734:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(montage_msgstr, "sources=%d, images=%d", srccnt, imgcnt);
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1735:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(montage_json, "{\"sources\":%d, \"images\":%d}", srccnt, imgcnt);
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1756:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char *cmdv[256];
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1842:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char line[STRLEN];
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1844:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char *header[2];
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1862:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fp = fopen(filename, "r");
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1912:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(montage_msgstr, "Output wcsinit() failed.");
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2046:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
output.naxes[0] = atoi(value);
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2049:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
output.naxes[1] = atoi(value);
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2063:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2080:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char valstr[STRLEN];
data/montage-6.0+dfsg/MontageLib/Overlaps/mOverlaps.c:25:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char tblfile[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Overlaps/mOverlaps.c:26:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char difftbl[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Overlaps/mOverlaps.c:63:34: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:67:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char ctype1[16];
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:68:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char ctype2[16];
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:87:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char fname[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:128:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char fmt[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:134:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char header[1600];
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:135:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char temp[80];
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:184:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fout = fopen(difftbl, "w+");
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:269:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->msg, "Not enough information to determine coverages (CDELTs or CD matrix)");
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:308:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->msg, "Need columns: cntr ctype1 ctype2 nl ns crval1 crval2 crpix1 crpix2 cdelt1 cdelt2 crota2 fname (equinox optional)");
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:344:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
input[nimages].cntr = atoi(tval(icntr));
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:356:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
input[nimages].naxis1 = atoi(tval(ins));
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:357:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
input[nimages].naxis2 = atoi(tval(inl));
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:381:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "SIMPLE = T" ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:382:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "BITPIX = -64" ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:383:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "NAXIS = 2" ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:384:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "NAXIS1 = %d", input[nimages].naxis1 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:385:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "NAXIS2 = %d", input[nimages].naxis2 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:388:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CRVAL1 = %11.6f", input[nimages].crval1 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:389:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CRVAL2 = %11.6f", input[nimages].crval2 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:390:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CRPIX1 = %11.6f", input[nimages].crpix1 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:391:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CRPIX2 = %11.6f", input[nimages].crpix2 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:395:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CDELT1 = %14.9f", input[nimages].cdelt1 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:396:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CDELT2 = %14.9f", input[nimages].cdelt2 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:397:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CROTA2 = %11.6f", input[nimages].crota2 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:401:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CD1_1 = %11.6f", input[nimages].cd11 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:402:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CD1_2 = %11.6f", input[nimages].cd12 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:403:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CD2_1 = %11.6f", input[nimages].cd21 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:404:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CD2_2 = %11.6f", input[nimages].cd22 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:407:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CRVAL2 = %11.6f", input[nimages].crval2 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:408:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CRVAL1 = %11.6f", input[nimages].crval1 ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:409:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "EQUINOX = %d", input[nimages].equinox); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:410:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "END" ); mOverlaps_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:413:38: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
input[nimages].equinox = atoi(tval(iequinox));
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:429:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->msg, "Bad WCS for image %d", nimages);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:618:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "| cntr1 | cntr2 |%%%ds |%%%ds | diff |\n", namelen, namelen);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:621:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "| int | int |%%%ds |%%%ds | char |\n", namelen, namelen);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:694:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(fmt, "%%8d%%8d %%%ds %%%ds diff.%%06d.%%06d.fits\n", namelen, namelen);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:992:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->msg, "count=%d", nmatches);
data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:993:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->json, "{\"count\":%d}", nmatches);
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:35:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char path [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:36:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char tblfile [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:37:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char template [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:38:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char projdir [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:39:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char stats [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:40:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char border [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:41:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char scaleCol [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:42:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char weightCol[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:139:34: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:78:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:143:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char fname [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:144:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char infile [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:145:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char outfile [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:146:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char weightFile [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:147:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char hdustr [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:149:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char origHdr [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:150:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char altin [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:151:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char altout [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:153:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char msg [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:155:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char path [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:234:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fout = fopen(stats, "a+");
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:236:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fout = fopen(stats, "w+");
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:240:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->msg, "Can't open output file.");
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:338:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->msg, "Error opening image list table file.");
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:353:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->msg, "Need column fname in input");
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:424:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
hdu = atoi(tval(ihdu));
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:449:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(hdustr, "hdu%d_", hdu);
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:457:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->msg, "Output would overwrite input");
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:872:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->msg, "count=%d, failed=%d, nooverlap=%d", count-restart, failed, nooverlap);
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:873:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(returnStruct->json, "{\"count\":%d, \"failed\":%d, \"nooverlap\":%d}", count-restart, failed, nooverlap);
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:897:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char line[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:898:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char header[80000]; data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:906:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:936:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). naxes = atoi(ptr + 10); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:952:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Output wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/Project/mProject.c:26:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Project/mProject.c:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char weight_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Project/mProject.c:28:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Project/mProject.c:29:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Project/mProject.c:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char borderstr [MAXSTR]; data/montage-6.0+dfsg/MontageLib/Project/mProject.c:136:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:115:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char area_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:208:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:322:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:361:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:434:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Border value (%d) must be greater than or equal to zero", border); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:475:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:476:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(area_file, "_area.fits"); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:537:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Debug input pixel coordinates out of range"); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:633:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Debug output pixel coordinates out of range"); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:858:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "No overlap"); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:871:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for output data image array"); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:881:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for output data image array"); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:915:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for output area image array"); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:925:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->msg, "Not enough memory for output area image array"); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:1662:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Debug output done."); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2109:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "time=%.1f", (double)(currtime - start)); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2110:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"time\":%.1f}", (double)(currtime - start)); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2155:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2157:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char header[80000]; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2172:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2221:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Output wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2351:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2393:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[0] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2394:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[0] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2396:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(linein, "NAXIS1 = %ld", output.naxes[0]); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2401:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2402:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[1] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2404:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(linein, "NAXIS2 = %ld", output.naxes[1]); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2411:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(linein, "CRPIX1 = %11.6f", crpix1); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2418:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(linein, "CRPIX2 = %11.6f", crpix2); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2438:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2508:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Input wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2636:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2743:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[8192]; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2780:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). polygon[nborder].x = atoi(ptr); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2800:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). polygon[nborder].y = atoi(ptr); data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:26:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char weight_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:28:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:29:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:130:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:65:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char area_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:143:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:275:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:366:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(output_file, ".fits"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:367:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(area_file, "_area.fits"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:425:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Debug input pixel coordinates out of range"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:532:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Debug output pixel coordinates out of range"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:561:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for input data image array"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:575:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for input data image array"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:585:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for input data image array"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:609:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->msg, "Not enough memory for input weights array"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:619:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for input weights array"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:823:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "No overlap"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:836:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for output data image array"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:850:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for output data image array"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:860:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for output data image array"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:908:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->msg, "Not enough memory for output area image array"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:918:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Not enough memory for output area image array"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:1692:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Debugging output done."); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2122:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "time=%.1f", (double)(currtime - start)); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2123:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"time\":%.1f}", (double)(currtime - start)); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2169:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2171:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80000]; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2186:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2235:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Output wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2365:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2407:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[0] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2408:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
output_area.naxes[0] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2410:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(linein, "NAXIS1 = %ld", output.naxes[0]); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2415:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2416:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_area.naxes[1] = atoi(value) + 2 * offset; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2418:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(linein, "NAXIS2 = %ld", output.naxes[1]); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2425:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(linein, "CRPIX1 = %11.6f", crpix1); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2432:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(linein, "CRPIX2 = %11.6f", crpix2); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2452:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2540:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Input wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2677:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:28:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char weight_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:29:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file[MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char borderstr [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:32:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char altout [MAXSTR]; data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char altin [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:149:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:82:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char template_header [HDRLEN];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:83:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char alt_input_header [HDRLEN];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:84:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char alt_output_header[HDRLEN];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:85:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char area_file [HDRLEN];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:145:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:252:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:253:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:277:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:346:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Border value (%d) must be greater than or equal to zero", border);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:409:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(output_file, ".fits");
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:410:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(area_file, "_area.fits");
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1731:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "time=%.1f", (double)(currtime - start));
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1732:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->json, "{\"time\":%.1f}", (double)(currtime - start));
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1755:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1758:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char headerStr[HDRLEN];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1774:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(filename, "r");
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2023:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2068:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output.naxes[0] = atoi(value) + 2 * offset;
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2069:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output_area.naxes[0] = atoi(value) + 2 * offset;
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2071:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(linein, "NAXIS1 = %ld", output.naxes[0]);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2076:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output.naxes[1] = atoi(value) + 2 * offset;
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2077:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output_area.naxes[1] = atoi(value) + 2 * offset;
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2079:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(linein, "NAXIS2 = %ld", output.naxes[1]);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2086:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(linein, "CRPIX1 = %11.6f", crpix1);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2093:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(linein, "CRPIX2 = %11.6f", crpix2);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2112:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errstr[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2291:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2387:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[8192];
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2424:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  polygon[nborder].x = atoi(ptr);
data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2444:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  polygon[nborder].y = atoi(ptr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:28:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_file [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:29:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char weight_file [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template_file[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:32:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char borderstr [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:139:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:47:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char area_file[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:95:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:191:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:223:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:326:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Border value (%d) must be greater than or equal to zero", border);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:367:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(output_file, ".fits");
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:368:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(area_file, "_area.fits");
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:699:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Not enough memory for input data image array");
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:709:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Not enough memory for input data image array");
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:731:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Not enough memory for input weights array");
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:741:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Not enough memory for input weights array");
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1329:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "time=%.1f", (double)(currtime - start));
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1330:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->json, "{\"time\":%.1f}", (double)(currtime - start));
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1375:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1377:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header[80000];
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1392:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(filename, "r");
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1441:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Output wcsinit() failed.");
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1568:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1610:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output.naxes[0] = atoi(value) + 2 * offset;
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1611:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output_area.naxes[0] = atoi(value) + 2 * offset;
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1613:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(linein, "NAXIS1 = %ld", output.naxes[0]);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1618:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output.naxes[1] = atoi(value) + 2 * offset;
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1619:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output_area.naxes[1] = atoi(value) + 2 * offset;
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1621:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(linein, "NAXIS2 = %ld", output.naxes[1]);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1628:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(linein, "CRPIX1 = %11.6f", crpix1);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1635:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(linein, "CRPIX2 = %11.6f", crpix2);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1655:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errstr[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1727:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Input wcsinit() failed.");
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1851:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1957:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[8192];
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1994:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  polygon[nborder].x = atoi(ptr);
data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:2014:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  polygon[nborder].y = atoi(ptr);
data/montage-6.0+dfsg/MontageLib/PutHdr/mPutHdr.c:41:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_file [MAXSTR];
data/montage-6.0+dfsg/MontageLib/PutHdr/mPutHdr.c:42:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file [MAXSTR];
data/montage-6.0+dfsg/MontageLib/PutHdr/mPutHdr.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template_file[MAXSTR];
data/montage-6.0+dfsg/MontageLib/PutHdr/mPutHdr.c:77:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:49:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:89:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[MAXSTR];
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:103:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:148:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ftemp = fopen(template_file, "r");
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:167:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tnaxis = atoi(line+10);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:170:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tnaxis1 = atoi(line+10);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:173:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tnaxis2 = atoi(line+10);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:176:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tnaxis3 = atoi(line+10);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:179:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tnaxis4 = atoi(line+10);
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:224:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "NAXIS/NAXES values cannot be modified using this program.\"]\n");
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:354:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Not enough memory for output data image array\"]\n");
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:464:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(returnStruct->json, "{}");
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:484:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errstr[MAXSTR];
data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:586:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/Shrink/mShrink.c:23:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_file [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Shrink/mShrink.c:24:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Shrink/mShrink.c:71:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:76:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[16];
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:77:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype2[16];
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:95:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bunit[80];
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:105:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:156:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1228:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "time=%.1f", (double)(currtime - start));
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1229:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->json, "{\"time\":%.1f}", (double)(currtime - start));
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1249:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[32], ctype2[32];
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1269:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bunit[80];
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1271:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024];
data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1530:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/mShrinkCube.c:23:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_file [MAXSTR];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/mShrinkCube.c:24:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file[MAXSTR];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/mShrinkCube.c:83:33: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:55:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[16];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:56:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype2[16];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:74:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bunit[80];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:84:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:140:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:188:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Requested image size must be positive");
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:190:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Shrink factor must be positive");
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1305:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "time=%.1f", (double)(currtime - start));
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1306:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->json, "{\"time\":%.1f}", (double)(currtime - start));
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1326:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[32], ctype2[32];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1346:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bunit[80];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1348:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024];
data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1627:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:40:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char infile [STRLEN];
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:41:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outfile [STRLEN];
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:42:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char appname [STRLEN];
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char d3constraint[STRLEN];
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char d4constraint[STRLEN];
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:135:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(d3constraint, "%d:%d", d3begin, d3end);
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:159:31: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((montage_status = fopen(argv[i+1], "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.h:21:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dConstraint[2][1024]; /* constrains for third dimension */
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:45:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char content[128];
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:48:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:49:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_json [1024];
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:121:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *header[2];
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:123:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char warning[1024];
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:355:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Can't find HDU %d", hdu);
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:378:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(returnStruct->msg, "Shrinkwrap mode only works for double precision floating point data.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:655:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Region outside image.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:689:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "No pixels match area.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:696:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Output area has no spatial extent.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:780:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(warning, "Check CDELT, CRPIX values for axes 3 and 4.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:787:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(warning, "Check CDELT, CRPIX values for axis 4.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:850:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "D3 constraints set but this is a 2D image.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:856:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "D4 constraints set but this is a 3D datacube.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:873:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Some select list values for axis 3 are greater than NAXIS3.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:890:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Some select list values for axis 4 are greater than NAXIS4.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:909:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Output wcsinit() failed.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1075:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1346:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(content, "blank");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1348:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(content, "flat");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1351:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(content, "normal");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1374:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1464:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char list[MAXSTR];
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1473:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Select list index can only be 3 or 4.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1546:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Range max less than min.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1552:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "FITS index ranges cannot be less than one.");
data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1583:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char infile [1024];
data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:37:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outfile[1024];
data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:38:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char appname[1024];
data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:102:31: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((montage_status = fopen(argv[i+1], "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:96:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char content[128];
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:99:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:164:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *header[2];
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:227:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Can't find HDU %d", hdu);
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:250:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(returnStruct->msg, "Shrinkwrap mode only works for double precision floating point data.");
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:285:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(returnStruct->msg, "Input file invalid WCS.");
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:511:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Region outside image.");
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:544:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "No pixels match area.");
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:711:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Output wcsinit() failed.");
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:856:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:1027:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(content, "blank");
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:1029:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(content, "flat");
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:1032:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(content, "normal");
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:1054:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:1135:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/Subset/mSubset.c:25:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tblfile [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Subset/mSubset.c:26:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Subset/mSubset.c:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char subtbl [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Subset/mSubset.c:64:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:64:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[16];
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype2[16];
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:106:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:142:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header [1600];
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:143:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp [80];
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:212:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(subtbl, "w+");
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:307:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Not enough information to determine coverages (corners, CDELTs or CD matrix)");
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:325:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Need columns: ctype1 ctype2 naxis1 naxis2 crval1 crval2 crpix1 crpix2 (equinox optional)");
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:508:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  input.naxis1 = atoi(tval(ins));
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:509:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  input.naxis2 = atoi(tval(inl));
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:532:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "SIMPLE = T" ); mSubset_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:533:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "BITPIX = -64" ); mSubset_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:534:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS = 2" ); mSubset_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:535:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS1 = %d", input.naxis1 ); mSubset_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:536:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS2 = %d", input.naxis2 ); mSubset_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:539:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL1 = %11.6f", input.crval1 ); mSubset_stradd(header, temp);
data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:540:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "CRVAL2 = %11.6f", input.crval2 ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:541:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %11.6f", input.crpix1 ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:542:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %11.6f", input.crpix2 ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:546:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %14.9f", input.cdelt1 ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:547:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %14.9f", input.cdelt2 ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:548:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = %11.6f", input.crota2 ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:552:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CD1_1 = %11.6f", input.cd11 ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:553:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CD1_2 = %11.6f", input.cd12 ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:554:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CD2_1 = %11.6f", input.cd21 ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:555:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CD2_2 = %11.6f", input.cd22 ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:558:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", input.equinox); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:559:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); mSubset_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:574:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
input.equinox = atoi(tval(iequinox)); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:588:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Bad WCS for image %d", nimages); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:924:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "count=%d, nmatches=%d", nimages, nmatches); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:925:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->json, "{\"count\":%d, \"nmatches\":%d}", nimages, nmatches); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:969:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:971:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[32768]; data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:987:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen(filename, "r"); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1036:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(montage_msgstr, "Output wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1157:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[0] = atoi(value); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1160:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output.naxes[1] = atoi(value); data/montage-6.0+dfsg/MontageLib/TANHdr/mTANHdr.c:59:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char origtmpl[MAXSTR]; data/montage-6.0+dfsg/MontageLib/TANHdr/mTANHdr.c:60:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char newtmpl [MAXSTR]; data/montage-6.0+dfsg/MontageLib/TANHdr/mTANHdr.c:139:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:98:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cdelt1 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:99:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cdelt2 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:100:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char crota2 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:101:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cd11 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:102:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cd12 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:103:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cd21 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:104:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cd22 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:105:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pc11 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:106:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pc12 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:107:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pc21 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:108:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pc22 [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:109:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char epoch [80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:110:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char equinox[80]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:120:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:232:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(newtmpl, "w+"); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:316:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Bad original header template."); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:324:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cdelt1, "%15.10f", wcs->cdelt[0]); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:327:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cdelt2, "%15.10f", wcs->cdelt[1]); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:330:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(crota2, "%15.10f", wcs->rot); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:392:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Invalid header generated."); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:551:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "All points offscale in forward transform"); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:647:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Invalid header generated."); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:718:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Invalid header generated."); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:872:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "All points offscale in reverse transform"); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:968:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Invalid header generated."); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1157:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "fwdxerr=%-g, fwdyerr=%-g, fwditer=%d, revxerr=%-g, revyerr=%-g, reviter=%d", data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1161:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->json, "{\"fwdxerr\":%-g, \"fwdyerr\":%-g, \"fwditer\":%d, \"revxerr\":%-g, \"revyerr\":%-g, \"reviter\":%d}", data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1215:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1217:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(template, "r"); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1394:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1395:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80000]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1402:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen(template, "r"); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1441:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(montage_msgstr, "Output wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1516:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header [32768]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1517:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp [MAXSTR]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1542:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1546:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1550:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "NAXIS = 2" ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1554:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", naxis1 ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1558:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", naxis2 ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1564:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CTYPE1 = 'RA---TAN-SIP'"); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1568:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CTYPE2 = 'DEC--TAN-SIP'"); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1583:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %15.10f", xpos ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1587:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %15.10f", ypos ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1591:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CRPIX1 = %15.10f", x ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1595:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %15.10f", y ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1601:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %.10f", pcdelt1 ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1608:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %.10f", pcdelt2 ); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1691:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "A_ORDER = %d", order-1); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1702:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "A_%d_%d = %10.3e", data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1711:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "B_ORDER = %d", order-1); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1722:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "B_%d_%d = %10.3e", data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1732:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "AP_ORDER= %d", order-1); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1743:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "AP_%d_%d = %10.3e", data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1752:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BP_ORDER= %d", order-1); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1763:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BP_%d_%d = %10.3e", data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1772:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END"); mTANHdr_stradd(header, temp); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1792:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(montage_msgstr, "Output wcsinit() failed."); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1842:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[81]; data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1933:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(montage_msgstr, "Singular Matrix-1"); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1953:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(montage_msgstr, "Singular Matrix-2"); data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:2040:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(montage_msgstr, "Allocation failure in ivector()"); data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:26:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inputFile [STRLEN]; data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:27:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char outputFile[STRLEN]; data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:28:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statfile [STRLEN]; data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:60:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((montage_status = fopen(statfile, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:42:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_msgstr[1024]; data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:43:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char montage_json [1024]; data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:105:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char card [STRLEN];
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:106:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newcard [STRLEN];
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:107:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyname [STRLEN];
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:108:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value [STRLEN];
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:109:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment [STRLEN];
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:110:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errstr [STRLEN];
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:127:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:243:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Image has %ld dimensions. You must list the output order for all of them.", naxis);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:251:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Axis ID %d must be between 1 and %ld.", i+1, naxis);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:262:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(returnStruct->msg, "Output axis %d is the same as axis %d. They must be unique.", i+1, j+1);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:641:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  inByte = (char *)malloc(nAxisIn[0] * sizeof(char));
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:644:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  outByte = (char ****)malloc(nAxisOut[3] * sizeof(char ***));
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:654:24: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  outByte[l] = (char ***)malloc(nAxisOut[2] * sizeof(char **));
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:664:30: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  outByte[l][k] = (char **)malloc(nAxisOut[1] * sizeof(char *));
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:674:36: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  outByte[l][k][j] = (char *)malloc(nAxisOut[0] * sizeof(char));
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1038:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errstr, "Error writing card %d.", keynum);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1197:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "mindata=%-g, maxdata=%-g", mindata, maxdata);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1198:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_json, "{\"mindata\":%-g, \"maxdata\":%-g}", mindata, maxdata);
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1224:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype[4][16];
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1229:15: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(status) strcpy(ctype[0], "NONE");
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1234:15: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(status) strcpy(ctype[1], "NONE");
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1239:15: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(status) strcpy(ctype[2], "NONE");
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1244:15: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(status) strcpy(ctype[3], "NONE");
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1317:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *wcs[9] = { "NAXISn", "CRVALn", "CRPIXn",
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1327:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char retstr[STRLEN];
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1329:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wcskey[STRLEN];
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1422:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:22:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdstr [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:23:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [STRLEN];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:24:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outFmt [STRLEN];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:25:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outFile [STRLEN];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:26:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char jsonFile[STRLEN];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:27:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char jsonStr [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:28:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fontFile[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:45:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outFmt, "png");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:69:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outFmt, "png");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:84:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(outFmt, "jpeg");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:161:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(jsonFile, "r");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:844:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dstr[16];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:845:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mstr[16];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:846:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sstr[16];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:849:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char label[32];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:863:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(dstr, "%d", ideg);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:868:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mstr, "%02d", imin);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:872:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(sstr, "%05.2f", val);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:876:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(sstr, "00.00");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:878:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mstr, "%02d", imin);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:883:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(mstr, "00");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:885:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(dstr, "%d", ideg);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:925:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(label, " 00m");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:951:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hstr[16];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:952:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mstr[16];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:953:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sstr[16];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:956:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char label[32];
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:966:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hstr, "%d", ihr);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:971:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mstr, "%02d", imin);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:975:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(sstr, "%05.2f", val);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:979:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(sstr, "00.00");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:981:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mstr, "%02d", imin);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:986:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(sstr, "00");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:988:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hstr, "%d", ihr);
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1027:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(label, " 00m");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:74:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char fontfile[1024];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:144:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:185:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[4096];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:187:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keystr [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:188:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char valstr [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:189:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ovlyType[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:190:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ovlyVis [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:191:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAXJSON];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:192:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char layout [MAXJSON];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:244:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file[MAXSTR]; // File name
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:250:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colorColumn[MAXSTR]; // Override color column (content e.g. 'red' or "ff00a0")
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:258:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symSizeColumn [MAXSTR]; // Override symbol column (content e.g. '20s diamond')
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:259:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symShapeColumn[MAXSTR]; // Override symbol column (content e.g. '20s diamond')
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:263:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scaleColumn[MAXSTR]; // Column for data-scaled symbols
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:265:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char labelColumn[MAXSTR]; // Column containing label string
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:278:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[MAXSTR]; // Label text
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:320:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symSizeColumn [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:321:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char symShapeColumn[MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:322:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scaleColumn [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:323:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char labelColumn [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:324:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colorColumn [MAXSTR];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:364:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char im_ctype1[16];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:365:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char im_ctype2[16];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:376:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char im_header[1600];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:377:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[80];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:410:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char statusfile [1024];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:411:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grayfile [1024];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:412:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redfile [1024];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:413:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char greenfile [1024];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:414:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bluefile [1024];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:415:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char jpegfile [1024];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:416:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pngfile [1024];
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:418:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char grayhistfile [1024]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:419:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redhistfile [1024]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:420:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenhistfile[1024]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:421:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluehistfile [1024]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:424:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grayminstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:425:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graymaxstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:426:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graybetastr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:427:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redminstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:428:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redmaxstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:429:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redbetastr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:430:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenminstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:431:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char greenmaxstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:432:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenbetastr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:433:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueminstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:434:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluemaxstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:435:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluebetastr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:436:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colorstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:437:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symbolstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:438:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labelstr [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:503:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bunit[256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:531:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:635:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fontfile, "FreeSans.ttf"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:725:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fjson = fopen(params, "r"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:729:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Cannot open input JSON file."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:753:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Invalid JSON structure."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:768:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Font scale parameter must an integer."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:794:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Font scale parameter must a number greater than zero."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:808:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(returnStruct->msg, "Color table index must be a number between 0 and 11"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:822:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Color enhancement parameter must be a number between 1. and 4."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:842:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Invalid symbol attribute"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:854:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Gray file has no 'fits_file' attribute."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:885:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Color table index must be a number between 0 and 11"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:913:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(graybetastr, "2s"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:947:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't find HDU %d", hdu); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:959:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Red file has no 'fits_file' attribute."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1006:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(redbetastr, "2s"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1040:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't find HDU %d", hdu); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1052:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Green file has no 'fits_file' attribute."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1099:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(greenbetastr, "2s"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1133:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't find HDU %d", hdu); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1145:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Blue file has no 'fits_file' attribute."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1192:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(bluebetastr, "2s"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1226:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't find HDU %d", hdu); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1240:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d]", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1245:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(keystr, "overlays[%d].visible", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1258:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].type", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1262:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Overlay %d has no 'type' attribute.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1270:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].color", noverlay); // Check for color data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1288:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].font_scale", noverlay); // Check for font scale data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1296:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Font scale (overlay %d) parameter must a number greater than zero.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1304:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(keystr, "overlays[%d].coord_sys", noverlay); // Require coordinate system (don't use default) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1308:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Overlay %d has no 'coord_sys' attribute.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1323:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].color", noverlay); // Check for color data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1341:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].coord_sys", noverlay); // Check for coordinate system data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1354:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].data_file", noverlay); // Require catalog file name data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1358:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Overlay %d has no 'data_file' attribute.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1365:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(keystr, "overlays[%d].data_column", noverlay); // Check for mag/flux column for scaling data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1372:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].data_ref", noverlay); // Check for scaling data reference value data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1379:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].data_type", noverlay); // Check for type of scaling data column data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1390:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].symbol", noverlay); // Check for symbol shape info data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1396:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Invalid symbol attribute for overlay %d.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1409:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].sym_size", noverlay); // Check for symbol size data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1436:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->msg, "Invalid symbol size in overlay %d.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1450:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].size_column", noverlay); // Check for explicit size column data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1457:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].shape_column", noverlay); // Check for shape column data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1464:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].label_column", noverlay); // Check for label column data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1471:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].color_column", noverlay); // Check for color column data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1486:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].color", noverlay); // Check for color data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1504:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(keystr, "overlays[%d].coord_sys", noverlay); // Check for coordinate system data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1517:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].data_file", noverlay); // Require image metadata file name data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1521:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Overlay %d has no 'data_file' attribute.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1534:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].color", noverlay); // Check for color data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1552:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].coord_sys", noverlay); // Check for coordinate system data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1565:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].lon", noverlay); // Require longitude data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1569:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->msg, "Overlay %d has no 'lon' attribute.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1573:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if(strstr(valstr, "p") != (char *)NULL) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1579:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].lat", noverlay); // Require latitude data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1583:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Overlay %d has no 'lat' attribute.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1587:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if(strstr(valstr, "p") != (char *)NULL) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1593:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].symbol", noverlay); // Check for symbol shape info data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1599:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(returnStruct->msg, "Invalid symbol attribute for overlay %d.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1612:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].sym_size", noverlay); // Check for symbol size data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1639:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Invalid symbol size in overlay %d.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1656:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].color", noverlay); // Check for color data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1674:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].font_scale", noverlay); // Check for font scale data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1682:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Font scale (overlay %d) parameter must a number greater than zero.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1690:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(keystr, "overlays[%d].lon", noverlay); // Require longitude data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1694:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Overlay %d has no 'lon' attribute.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1698:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if(strstr(valstr, "p") != (char *)NULL) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1704:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(keystr, "overlays[%d].lat", noverlay); // Require latitude data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1708:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Overlay %d has no 'lat' attribute.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1712:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if(strstr(valstr, "p") != (char *)NULL) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1718:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(keystr, "overlays[%d].text", noverlay); // Require text data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1722:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Overlay %d has no 'text' attribute.", noverlay); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1751:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Parameters: [-d] [-nowcs] [-noflip] [-t(rue-color) power] [-ct color-table] [-grid csys [epoch]] -gray in.fits minrange maxrange [logpower/gaussian] -red red.fits rminrange rmaxrange [rlogpower/gaussian] -green green.fits gminrange gmaxrange [glogpower/gaussian] -blue blue.fits bminrange bmaxrange [blogpower/gaussian] -out out.png"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1777:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Font scale parameter must a number greater than zero."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1815:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Color enhancement parameter must be a number between 1. 
and 4."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1963:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -label flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1969:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. || strstr(argv[i+2], "p") != (char *)NULL) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1991:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -symbol flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2030:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Invalid symbol size"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2140:28: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(returnStruct->msg, "Invalid symbol type"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2153:28: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Invalid vertex count for symbol (must be an integer >= 3)"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2165:31: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Invalid rotation angle for symbol (must be number)"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2191:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -scalecol flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2237:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "No color column given."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2261:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(returnStruct->msg, "No symbol size column given."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2285:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "No symbol shape column given."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2309:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "No label column given."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2326:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -catalog flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2392:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -mark flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2402:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
|| strstr(argv[i+2], "p") != (char *)NULL) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2431:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -imginfo flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2473:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -ct flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2481:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Color table index must be a number between 0 and 11"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2496:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -gray flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2525:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(returnStruct->msg, "Too few arguments following -gray flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2559:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(graybetastr, "2s"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2610:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't find HDU %d", hdu); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2625:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -red flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2654:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -red flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2689:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(redbetastr, "2s"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2741:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't find HDU %d", hdu); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2754:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -green flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2783:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -green flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2818:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(greenbetastr, "2s"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2868:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't find HDU %d", hdu); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2883:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(returnStruct->msg, "Too few arguments following -blue flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2911:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Too few arguments following -blue flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2946:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(bluebetastr, "2s"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2996:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Can't find HDU %d", hdu); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3012:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "No output file given following -out/-png flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3027:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(returnStruct->msg, "No output file given following -jpeg flag"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3033:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). jpegfp = fopen(jpegfile, "w+"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3199:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "No input 'red' FITS file name given"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3205:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "No input 'green' FITS file name given"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3211:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "No input 'blue' FITS file name given"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3219:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(returnStruct->msg, "No input FITS file name given"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3228:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "No output PNG or JPEG file name given"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3260:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Color mode but no red image given"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3266:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Color mode but no green image given"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3272:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Color mode but no blue image given"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3496:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(returnStruct->msg, "Red and green FITS images don't have matching projections (use -nowcs flag if you still want to proceed)."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3587:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Red and blue FITS images don't have matching projections (use -nowcs flag if you still want to proceed)."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:4428:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->msg, "Grayscale/pseudocolor mode but no gray image given"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5480:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). im_naxis1 = atoi(tval(ins)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5481:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). im_naxis2 = atoi(tval(inl)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5492:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). im_equinox = atoi(tval(iequinox)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5495:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5496:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5497:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5498:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", im_naxis1 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5499:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", im_naxis2 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5502:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CRVAL1 = %11.6f", im_crval1 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5503:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %11.6f", im_crval2 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5504:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %11.6f", im_crpix1 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5505:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %11.6f", im_crpix2 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5506:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %14.9f", im_cdelt1 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5507:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %14.9f", im_cdelt2 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5508:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CROTA2 = %11.6f", im_crota2 ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5509:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", im_equinox); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5510:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); mViewer_stradd(im_header, temp); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5518:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(returnStruct->msg, "Bad WCS for image %d", nimages); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5762:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->type, "color"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5822:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(returnStruct->type, "grayscale"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5927:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *cmdv[256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6070:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colorstr[MAXSTR]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6083:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(montage_msgstr, "Invalid color specification"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6202:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[4096]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6203:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hline [256]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6207:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "SIMPLE = T"); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6208:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(hline, "NAXIS = 2"); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6209:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "NAXIS1 = %d", naxis1); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6210:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "NAXIS2 = %d", naxis2); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6211:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CTYPE1 = 'RA---TAN'"); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6212:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CTYPE2 = 'DEC--TAN'"); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6213:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CDELT1 = 0.000001"); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6214:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(hline, "CDELT2 = 0.000001"); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6215:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRVAL1 = 0."); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6216:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRVAL2 = 0."); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6217:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRPIX1 = %.2f", (naxis1 + 1.)/2.); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6218:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRPIX2 = %.2f", (naxis2 + 1.)/2.); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6219:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CROTA2 = 0."); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6220:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(hline, "END"); mViewer_stradd(header, hline); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6226:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(montage_msgstr, "wcsinit() failed for fake header."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6319:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). planes[count] = atoi(ptr); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6337:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6819:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(montage_msgstr, "Image contains no non-blank pixels."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7037:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char line [1024]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7038:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[1024]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7040:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fhist = fopen(histfile, "r"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7044:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(montage_msgstr, "Cannot open histogram file."); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7209:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[81]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7231:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "NAXIS1 = %d", naxis1); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7234:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(line, "NAXIS2 = %d", naxis2); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7237:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "CRPIX1 = %15.10f", crpix1); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7240:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "CRPIX2 = %15.10f", crpix2); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7281:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(comment, "END\n"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7300:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7308:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proj[64]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7309:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char csys[64]; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7312:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(wcs->prjcode == WCS_PIX) strcpy(proj, "PIX"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7313:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_LIN) strcpy(proj, "LIN"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7314:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_AZP) strcpy(proj, "AZP"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7315:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_SZP) strcpy(proj, "SZP"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7316:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_TAN) strcpy(proj, "TAN"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7317:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_SIN) strcpy(proj, "SIN"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7318:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_STG) strcpy(proj, "STG"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7319:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_ARC) strcpy(proj, "ARC"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7320:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_ZPN) strcpy(proj, "ZPN"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7321:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_ZEA) strcpy(proj, "ZEA"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7322:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(wcs->prjcode == WCS_AIR) strcpy(proj, "AIR"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7323:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_CYP) strcpy(proj, "CYP"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7324:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_CAR) strcpy(proj, "CAR"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7325:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_MER) strcpy(proj, "MER"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7326:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_CEA) strcpy(proj, "CEA"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7327:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(wcs->prjcode == WCS_COP) strcpy(proj, "COP"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7328:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_COD) strcpy(proj, "COD"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7329:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_COE) strcpy(proj, "COE"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7330:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_COO) strcpy(proj, "COO"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7331:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_BON) strcpy(proj, "BON"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7332:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(wcs->prjcode == WCS_PCO) strcpy(proj, "PCO"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7333:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_SFL) strcpy(proj, "SFL"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7334:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_PAR) strcpy(proj, "PAR"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7335:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_AIT) strcpy(proj, "AIT"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7336:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_MOL) strcpy(proj, "MOL"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7337:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(wcs->prjcode == WCS_CSC) strcpy(proj, "CSC"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7338:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_QSC) strcpy(proj, "QSC"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7339:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_TSC) strcpy(proj, "TSC"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7340:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_NCP) strcpy(proj, "NCP"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7341:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_GLS) strcpy(proj, "GLS"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7342:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(wcs->prjcode == WCS_DSS) strcpy(proj, "DSS"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7343:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_PLT) strcpy(proj, "PLT"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7344:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_TNX) strcpy(proj, "TNX"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7345:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_ZPX) strcpy(proj, "ZPX"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7346:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_TPV) strcpy(proj, "TPV"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7347:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(wcs->prjcode == NWCSTYPE) strcpy(proj, "NWCSTYPE"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7364:41: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(wcs->syswcs == WCS_J2000) strcpy(csys, "ICRS"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7365:41: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->syswcs == WCS_B1950) strcpy(csys, "FK4"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7366:41: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->syswcs == WCS_GALACTIC) strcpy(csys, "GAL"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7367:41: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->syswcs == WCS_ECLIPTIC) strcpy(csys, "ECL"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7368:41: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else strcpy(csys, "ICRS"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7372:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "<?xpacket begin=\" \" id=\"W5M0MpCehiHzreSzNTczkc9d\"?>\n"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7375:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "<x:xmpmeta xmlns:x=\"adobe:ns:meta/\" x:xmptk=\"Adobe XMP Core 4.2-c020 1.124078, Tue Sep 11 2007 23:21:40 \">\n"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7378:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:RDF xmlns:rdf=\"http://www.w3.org/1999/02/22-rdf-syntax-ns#\">\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7379:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:Description rdf:about=\"\"\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7380:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " xmlns:avm=\"http://www.communicatingastronomy.org/avm/1.0/\">\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7381:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:MetadataVersion>1.1</avm:MetadataVersion>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7382:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Type>Observation</avm:Type>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7383:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.Quality>Full</avm:Spatial.Quality>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7385:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.Equinox>%.1f</avm:Spatial.Equinox>\n", equinox); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7387:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.Rotation>%.10e</avm:Spatial.Rotation>\n", crota2); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7388:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.ReferenceDimension>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7389:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7390:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%d</rdf:li>\n", naxis1); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7391:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%d</rdf:li>\n", naxis2); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7392:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7393:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </avm:Spatial.ReferenceDimension>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7394:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.ReferenceValue>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7395:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7396:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crval1); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7397:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crval2); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7398:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7399:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </avm:Spatial.ReferenceValue>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7400:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.ReferencePixel>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7401:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7402:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crpix1); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7403:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crpix2); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7404:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7405:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </avm:Spatial.ReferencePixel>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7406:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.Scale>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7407:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7408:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(line, " <rdf:li>%.10e</rdf:li>\n", xinc); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7409:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%.10e</rdf:li>\n", yinc); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7410:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7411:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </avm:Spatial.Scale>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7412:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:Description>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7413:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:RDF>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7414:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "</x:xmpmeta>\n"); strcat(comment, line); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7418:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "<?xpacket end=\"r\"?>"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:8387:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cmdv[256]; data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWT.c:17:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tileID [256]; data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWT.c:18:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outFile[1024]; data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWT.c:78:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(outFile, "w+"); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:15:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char hdrDir[1024]; data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:34:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hdrStr [256]; data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:35:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [1024]; data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [32]; data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:46:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). debug = atoi(argv[2]); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:62:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). level = atoi(argv[1]); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:147:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hdrStr [256];
data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:148:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:149:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [32];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:19:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grayDir [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:20:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redDir [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:21:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char greenDir [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:22:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blueDir [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:23:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grayHist [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:24:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redHist [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:25:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char greenHist [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:26:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blueHist [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:27:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pngDir [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:28:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char baseName [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:38:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tileStr [256];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:39:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:40:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [32];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:50:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  debug = atoi(argv[2]);
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:85:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  colorTable = atoi(argv[1]);
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:86:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  level = atoi(argv[2]);
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:106:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  trueColor = atoi(argv[1]);
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:107:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  level = atoi(argv[2]);
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:343:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tileStr [256];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:344:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:345:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [32];
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:18:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fitsFile [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:19:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char baseName [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:20:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tileDir [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:21:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hdrDir [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:30:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tileStr [256];
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:31:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:32:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [32];
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:42:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  debug = atoi(argv[2]);
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:58:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  level = atoi(argv[1]);
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:179:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tileStr [256];
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:180:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [1024];
data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:181:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [32];
data/montage-6.0+dfsg/MontageLib/mJupyter.c:10:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template[100000];
data/montage-6.0+dfsg/MontageLib/mJupyter.c:12:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char code [1024];
data/montage-6.0+dfsg/MontageLib/mJupyter.c:13:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char module [1024];
data/montage-6.0+dfsg/MontageLib/mJupyter.c:14:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pattern[1024];
data/montage-6.0+dfsg/MontageLib/mJupyter.c:15:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fileIn [1024];
data/montage-6.0+dfsg/MontageLib/mJupyter.c:16:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fileOut[1024];
data/montage-6.0+dfsg/MontageLib/mJupyter.c:17:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [1024];
data/montage-6.0+dfsg/MontageLib/mJupyter.c:18:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[1024];
data/montage-6.0+dfsg/MontageLib/mJupyter.c:41:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(fileOut, "w+");
data/montage-6.0+dfsg/MontageLib/mJupyter.c:69:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ftemplate = fopen("data/mJupyter.ipynb", "r");
data/montage-6.0+dfsg/MontageLib/mJupyter.c:114:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(message, "Usage: unknown");
data/montage-6.0+dfsg/MontageLib/mJupyter.c:147:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fcode = fopen(fileIn, "r");
data/montage-6.0+dfsg/MontageLib/mJupyter.c:216:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(fileIn, "montage.h");
data/montage-6.0+dfsg/MontageLib/mJupyter.c:220:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  fcode = fopen(fileIn, "r");
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:9:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [1024];
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:10:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char module [1024];
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:11:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pattern[1024];
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:12:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fileIn [1024];
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:13:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fileOut[1024];
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:35:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(fileOut, "w+");
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:57:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(fileIn, "r");
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:117:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(fileIn, "montage.h");
data/montage-6.0+dfsg/MontageLib/mLibDoc.c:121:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(fileIn, "r");
data/montage-6.0+dfsg/MontageLib/montage.h:14:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:15:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:27:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:28:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:40:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:41:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:53:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:54:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:65:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:66:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:78:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:79:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:91:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:92:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:93:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file[1024]; // 'Best' file name
data/montage-6.0+dfsg/MontageLib/montage.h:95:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url [1024]; // URL to best file (if any)
data/montage-6.0+dfsg/MontageLib/montage.h:106:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:107:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:120:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:121:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:132:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:133:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:145:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:146:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:159:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:160:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:175:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:176:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:192:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:193:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:194:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char proj [32]; // Image projection.
data/montage-6.0+dfsg/MontageLib/montage.h:195:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char csys [16]; // Coordinate system.
data/montage-6.0+dfsg/MontageLib/montage.h:259:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:260:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:274:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:275:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:303:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:304:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:318:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:319:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:330:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:331:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:343:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:344:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:363:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:364:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:382:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:383:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:384:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char note[1024]; // Cautionary message (only there if needed).
data/montage-6.0+dfsg/MontageLib/montage.h:412:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:413:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:425:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:426:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:437:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:438:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:452:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:453:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:467:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:468:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:482:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:483:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:496:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:497:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:512:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:513:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:523:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:524:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:536:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:537:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:549:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:550:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json [4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:551:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char content[1024]; // String giving an idea of output content (e.g., 'blank', 'flat', or 'normal'.
data/montage-6.0+dfsg/MontageLib/montage.h:552:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char warning[1024]; // If warranted, warning message about CDELT, CRPIX, etc.
data/montage-6.0+dfsg/MontageLib/montage.h:564:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:565:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json [4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:566:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char content[1024]; // String giving an idea of output content (e.g., 'blank', 'flat', or 'normal'.
data/montage-6.0+dfsg/MontageLib/montage.h:577:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:578:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:590:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:591:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:608:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:609:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:621:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [1024]; // Return message (for error return)
data/montage-6.0+dfsg/MontageLib/montage.h:622:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char json[4096]; // Return parameters as JSON string
data/montage-6.0+dfsg/MontageLib/montage.h:623:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[32]; // Whether the output is 'color' or 'grayscale'
data/montage-6.0+dfsg/MontageLib/montage.h:661:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bunit[256]; // Flux units in data files (from BUNIT header keyword)
data/montage-6.0+dfsg/MontageLib/test/example.c:11:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char infile [1024];
data/montage-6.0+dfsg/MontageLib/test/example.c:12:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outfile [1024];
data/montage-6.0+dfsg/MontageLib/test/example.c:13:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template[1024];
data/montage-6.0+dfsg/MontageLib/test/example.c:18:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  debug = atoi(argv[4]);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:77:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ctype1[1024];
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:78:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ctype2[1024];
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:94:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:148:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fitskeyword[80];
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:149:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fitsvalue [80];
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:150:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fitscomment[80];
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:151:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpstr [80];
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:157:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [1024];
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:158:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pline [1024];
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:287:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(infile, "r");
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:301:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(infile, "r");
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:324:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "FITS header lines cannot be greater than 80 characters.");
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:923:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:26:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char montage_msgstr[1024];
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:46:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "No WCS information (or not FITS header)");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:105:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Must have at least two (n>1) dimensions");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:114:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Invalid projection");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:123:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Invalid NAXIS1");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:129:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Invalid NAXIS2");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:140:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "CTYPE1 and CTYPE2 don't match");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:148:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "CTYPE1 and CTYPE2 don't match");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:156:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "CTYPE1 and CTYPE2 don't match");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:164:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "CTYPE1 and CTYPE2 don't match");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:172:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "CTYPE1 and CTYPE2 don't match");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:180:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "CTYPE1 and CTYPE2 don't match");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:186:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Invalid CTYPE1");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:198:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Invalid CD matrix");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:206:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Invalid CDELT1");
data/montage-6.0+dfsg/MontageLib/util/checkWCS.c:212:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(montage_msgstr, "Invalid CDELT2");
data/montage-6.0+dfsg/MontageLib/util/filePath.c:29:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char base[2048];
data/montage-6.0+dfsg/MontageLib/util/version.c:16:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char version[1024];
data/montage-6.0+dfsg/MontageLib/util/version.c:18:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(version, "5.0.0");
data/montage-6.0+dfsg/ancillary/HPXcvt.c:113:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hpxdat.col = atoi(argv[i]+2);
data/montage-6.0+dfsg/ancillary/HPXcvt.c:129:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  quad = atoi(argv[i]+2)%4;
data/montage-6.0+dfsg/ancillary/HPXcvt.c:203:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char crdsys[32], ordering[32];
data/montage-6.0+dfsg/ancillary/HPXcvt.c:453:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char history[72];
data/montage-6.0+dfsg/ancillary/HPXcvt.c:577:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(history, " Original NSIDE: %d", hpxdat->nside);
data/montage-6.0+dfsg/ancillary/HPXcvt.c:581:32: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  if (hpxdat->ordering == 'r') strcat(history, " (assumed)");
data/montage-6.0+dfsg/ancillary/HPXcvt.c:754:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char comment[64], cval[16], *ctype1, *ctype2, *descr1, *descr2, *pcode; data/montage-6.0+dfsg/ancillary/HPXcvt.c:858:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(comment, "[deg] Native longitude of the celestial pole"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:51:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:52:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logaddr[MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:151:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fheader[1600]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:156:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:157:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf [BUFSIZE]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:158:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:169:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:170:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gpfsname [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:171:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:172:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char fname1 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:173:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname2 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:174:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char diffname [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:175:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char areafile [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:176:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char corrected [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:177:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char survey [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:178:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:180:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hdrfile [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:181:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hdrtext [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:182:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outstr [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:183:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msgfile [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:184:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char savefile [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:185:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitsurl [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:186:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char urlbase [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:187:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char urlcoded [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:190:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file [MAXLEN][1024]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:196:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char astr [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:197:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bstr [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:198:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:228:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char band [16]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:230:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:231:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env0 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:232:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char env1 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:233:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env2 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:234:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env3 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:235:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env4 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:236:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env5 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:237:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env6 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:238:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env7 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:239:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env8 [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:240:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:241:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:242:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:243:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char path [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:245:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template [MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:246:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workspace[MAXLEN]; data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:354:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(template, "MOSAIC_XXXXXX"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:397:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "sexit.sh"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:421:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fmsg = fopen(msgfile, "w+"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:453:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fin = fopen(hdrfile, "r" ); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:465:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:505:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:640:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fhdr = fopen("region.hdr", "r"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:646:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bhdr = fopen("big_region.hdr", "w+"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:669:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ival = atoi(temp+9); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:674:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ival = atoi(temp+9); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:848:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "%d archive images in region", nimages); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:889:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "Need columns 'file' and 'url' in input"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:919:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(gpfsname, "r" ); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:928:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fsave = fopen( fname, "w+"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:957:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "Retrieved %d of %d archive images", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:981:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmd, "mArchiveExec ../remote.tbl"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1013:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( msg, "No data was available for the region specified at this time"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1026:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "Retrieved %d archive images", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1048:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mImgtbl raw rimages.tbl"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1082:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mTANHdr -c eq big_region.hdr altout.hdr"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1163:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "Output would overwrite input"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1189:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(msg, "Bad WCS in input image"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1221:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mTANHdr -c eq orig.hdr altin.hdr"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1330:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(msg, ": "); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1336:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(msg, ": "); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1357:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "Reprojected %d of %d images", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1384:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "Reprojected %d images (%d failed, %d did not overlap region)", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1411:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(cmd, "mImgtbl projected pimages.tbl"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1423:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmd, "mOverlaps pimages.tbl diffs.tbl"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1448:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "%d overlap regions", noverlap); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1492:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen("fits.tbl", "w+"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1505:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1506:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1574:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xmin = atoi(svc_value("xmin")); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1575:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xmax = atoi(svc_value("xmax")); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1576:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ymin = atoi(svc_value("ymin")); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1577:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ymax = atoi(svc_value("ymax")); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1601:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(areafile, "_area.fits"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1610:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(msg, "Processed %d of %d overlaps", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1641:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmd, "mBgModel -l pimages.tbl fits.tbl corrections.tbl"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1643:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmd, "mBgModel pimages.tbl fits.tbl corrections.tbl"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1668:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "Overlap analysis complete"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1714:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr[index] = atoi(tval(icntr1)); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1757:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atoi(tval(icntr1)); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1822:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(areafile, "_area.fits"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1831:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "Background corrected %d of %d images", data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1853:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "Images background corrected"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1879:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mImgtbl corrected cimages.tbl"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1889:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mAdd -p corrected cimages.tbl region.hdr mosaic.fits"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1913:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mImgtbl projected pimages.tbl"); data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1923:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
  sprintf(cmd, "mAdd -p projected pimages.tbl region.hdr mosaic.fits");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1948:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg, "Mosaic created");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1968:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen("mosaic.fits", "r" );
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1972:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg, "Can't open mosaic file: [mosaic.fits]");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1977:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fsave = fopen( savefile, "w+");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2016:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(msg, "Need column 'fname' in input");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2036:6: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(areafile, "_area.fits");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2068:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(msg, "Need column 'fname' in input");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2088:6: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(areafile, "_area.fits");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2115:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(cmd, "mJPEG -ct 1 -gray mosaic.fits min max gaussianlog -out mosaic.jpg");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2140:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg, "JPEG generated");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2162:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fhtml = fopen("index.html", "w+");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2164:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(fitsurl, "http://users.sdsc.edu/~leesa/cgi-bin/srb-get.cgi/mosaic.fits?/NVOzone/home/jcg.nvo/");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2165:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(urlbase, "http://users.sdsc.edu/~leesa/cgi-bin/srb-get.cgi?/NVOzone/home/jcg.nvo/");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2166:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(urlcoded, "http%3A%2F%2Fusers.sdsc.edu%2F%7Eleesa%2Fcgi-bin%2Fsrb-get.cgi%3F%2FNVOzone%2Fhome%2Fjcg.nvo%2F");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2252:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(env0, "srbAuth=xxxxxx"); putenv(env0);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2253:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(env1, "mdasCollectionName=/NVOzone/home/jcg.nvo"); putenv(env1);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2254:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(env2, "mdasCollectionHome=/NVOzone/home/jcg.nvo"); putenv(env2);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2255:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(env3, "mdasDomainName=nvo"); putenv(env3);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2256:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(env4, "srbUser=jcg"); putenv(env4);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2257:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(env5, "srbHost=tgsrb.sdsc.edu"); putenv(env5);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2258:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(env6, "srbPort=8833"); putenv(env6);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2259:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(env7, "mcatZone=NVOzone"); putenv(env7);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2260:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(env8, "defaultResource=sf1-nvo"); putenv(env8);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2280:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(cmd, "sinit.sh");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2337:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(cmd, "sexit.sh");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2356:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg, "Data copied to permanent store");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2405:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(msg, "Processing took %d seconds",
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2425:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [MAXLEN];
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2426:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msgstr[MAXLEN];
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2486:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:39:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAXLEN];
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:40:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char request [MAXLEN];
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:41:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char base [MAXLEN];
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:42:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char constraint[MAXLEN];
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:43:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char server [MAXLEN];
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:44:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result [MAXLEN];
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:58:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(server, "montage-lx.ipac.caltech.edu");
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:62:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(base, "/cgi-bin/Notify/nph-notify?");
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:167:4: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length);
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:60:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char statfile[MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:62:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tblfile [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:63:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fitfile [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:64:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char statdir [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:66:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:67:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:68:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:69:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [32];
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:116:27: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:141:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(fitfile, "w+");
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:196:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cntr1 = atoi(tval(icntr1));
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:197:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cntr2 = atoi(tval(icntr2));
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:210:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fstat = fopen(statfile, "r");
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:253:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  xmin = atoi(svc_val(line, "xmin", val));
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:254:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  xmax = atoi(svc_val(line, "xmax", val));
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:255:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ymin = atoi(svc_val(line, "ymin", val));
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:256:22: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ymax = atoi(svc_val(line, "ymax", val));
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:56:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmt [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:57:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dfmt [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:100:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:101:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mproj [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:102:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char survey [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:103:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char band [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:104:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hdrFile [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:105:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mosaicCenter[MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:106:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mosaicWidth [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:107:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mosaicHeight[MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:108:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mosaicCdelt [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:109:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char workdir [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:110:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlbase [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:111:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char workurlbase [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:112:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char timestr [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:113:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:114:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:115:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:116:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:117:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fitname [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:118:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char plusname [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:119:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char minusname [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:120:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char jobid [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:121:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fileList [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:122:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char parentList [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:123:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sortedParent[MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:159:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dv_version [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:163:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:164:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val[MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:175:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:182:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char idstr[256];
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:187:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(dv_version, "1.0");
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:198:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  yr = atoi(buffer);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:201:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mo = atoi(buffer);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:204:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  day = atoi(buffer);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:207:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hr = atoi(buffer);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:210:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min = atoi(buffer);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:213:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sec = atoi(buffer);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:217:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(idstr, "%04d%02d%02d_%02d%02d%02d_%d",
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:236:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fdebug = fopen("debug.txt", "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:319:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(mproj, "mProjectPP"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:323:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(mproj, "mProject"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:350:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mosaicCenter, "%.6f %.6f eq J2000", lonc, latc); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:411:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mosaicWidth, "%.6f", width); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:412:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mosaicHeight, "%.6f", height); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:430:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen(hdrFile, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:479:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(hdrFile, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:678:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(hdrFile, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:735:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:818:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdag = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:821:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fcache = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:824:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
furl = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:946:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fname, "_area.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:975:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ffit = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:990:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:991:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1050:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fname, "_area.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1191:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1201:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1208:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1209:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "big_region.hdr"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1248:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1249:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1270:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "fit.%06d.%06d.txt", cntr1, cntr2); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1271:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1277:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1288:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1297:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "diff.%06d.%06d.fits", cntr1, cntr2); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1298:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1304:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1305:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "big_region.hdr"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1329:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1330:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "statfile.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1335:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "fits.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1336:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1352:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1353:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1358:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1359:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(val, "fit.%06d.%06d.txt", cntr1, cntr2); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1383:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1384:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "pimages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1389:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1390:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "fits.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1395:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "corrections.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1396:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1441:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1450:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1451:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "pimages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1456:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1457:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "corrections.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1464:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1507:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1508:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "cimages_%d_%d.tbl", i, j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1513:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "newcimages_%d_%d.tbl",i,j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1514:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1539:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1563:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1564:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "cimages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1569:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "newcimages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1570:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1595:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1634:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1635:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "newcimages_%d_%d.tbl", i, j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1641:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1642:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "region_%d_%d.hdr", i, j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1648:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "tile_%d_%d.fits", i, j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1649:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1680:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1702:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1703:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(val, "newcimages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1708:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1709:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "region.hdr"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1714:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "mosaic.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1715:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1745:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1784:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1785:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "tile_%d_%d.fits", i, j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1791:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(key, "shrunken_%d_%d.fits", i, j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1792:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1810:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1811:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "mosaic.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1816:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "shrunken.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1817:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1850:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1851:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "slist.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1856:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "simages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1857:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1867:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1868:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "shrunken_%d_%d.fits", i, j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1891:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1892:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "simages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1897:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1898:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(val, "shrunken.hdr"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1903:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "shrunken.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1904:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1914:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1915:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "shrunken_%d_%d.fits", i, j); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1941:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1942:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "shrunken.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1947:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "shrunken.jpg"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1948:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1954:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "dag.xml"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1955:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1961:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "images.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1962:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1990:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(jobid, "ID%06d", i); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1994:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ffile = fopen(fileList, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2012:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
ffile = fopen(fileList, "r"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2020:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fparent = fopen(parentList, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2044:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). parent = atoi(parentid+2); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2081:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fparent = fopen(sortedParent, "r"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2099:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). parent = atoi(line); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2148:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2149:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80000]; data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2151:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(template, "r"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2306:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2307:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2308:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2309:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char constraint[MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2310:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2314:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result [4096]; data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2316:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(server, "irsa.ipac.caltech.edu"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2320:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(base, "/cgi-bin/Oasis/Lookup/nph-lookup?"); data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2485:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length); data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:45:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char line [MAXLEN]; data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:46:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request [MAXLEN]; data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:47:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base [MAXLEN]; data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:48:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char constraint[MAXLEN]; data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:49:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server [MAXLEN]; data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:70:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(server, "montage.jpl.nasa.gov"); data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:76:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(base, "/cgi-bin/nph-mdag-cgi?"); data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:90:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[7], "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:182:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:55:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmt [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:56:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dfmt [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:78:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:79:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mproj [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:80:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char survey [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:81:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char band [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:82:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hdrFile [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:83:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mosaicCentLon [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:84:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char mosaicCentLat [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:85:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mosaicWidth [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:86:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mosaicHeight [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:87:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mosaicCdelt [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:88:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workdir [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:89:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char urlbase [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:90:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workurlbase [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:91:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:92:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:93:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:94:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:95:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char fname [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:96:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitname [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:97:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plusname [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:98:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char minusname [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:99:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jobid [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:100:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileList [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:101:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parentList [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:102:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sortedParent [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:134:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dv_version [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:138:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:139:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:150:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[256]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:157:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char idstr[256]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:162:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(dv_version, "1.0"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:173:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). yr = atoi(buffer); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:176:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mo = atoi(buffer); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:179:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(buffer); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:182:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hr = atoi(buffer); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:185:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = atoi(buffer); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:188:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sec = atoi(buffer); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:192:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(idstr, "%04d%02d%02d_%02d%02d%02d_%d", data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:211:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdebug = fopen("debug.txt", "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:266:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(mproj, "mProject"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:279:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(hdrFile, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:325:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(hdrFile, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:513:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdag = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:516:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fcache = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:519:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). furl = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:642:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fname, "_area.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:671:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ffit = fopen(cmd, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:686:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:687:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:746:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fname, "_area.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:842:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:851:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:858:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:859:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "big_region.hdr"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:898:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:899:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:920:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "fit.%06d.%06d.txt", cntr1, cntr2); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:921:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:927:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:938:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:947:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "diff.%06d.%06d.fits", cntr1, cntr2); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:948:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:954:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:955:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "big_region.hdr"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:979:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:980:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "statfile.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:985:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "fits.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:986:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1002:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1003:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1008:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1009:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "fit.%06d.%06d.txt", cntr1, cntr2); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1033:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1034:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "pimages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1039:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1040:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "fits.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1045:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "corrections.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1046:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1091:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1100:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1101:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "pimages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1106:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1107:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "corrections.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1114:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1149:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1150:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "cimages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1155:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "newcimages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1156:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1181:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1210:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1211:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "newcimages.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1216:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1217:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "region.hdr"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1222:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(key, "mosaic.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1223:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1253:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1283:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1284:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "mosaic.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1289:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "shrunken.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1290:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1312:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1313:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "shrunken.fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1318:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "shrunken.jpg"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1319:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1325:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "dag.xml"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1326:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1332:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "images.tbl"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1333:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "ID%06d", id); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1361:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(jobid, "ID%06d", i); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1365:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ffile = fopen(fileList, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1383:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ffile = fopen(fileList, "r"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1391:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fparent = fopen(parentList, "w+"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1415:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). parent = atoi(parentid+2); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1452:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fparent = fopen(sortedParent, "r"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1470:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). parent = atoi(line); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1519:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1520:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[80000]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1522:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(template, "r"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1677:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1678:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char request [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1679:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1680:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char constraint[MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1681:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1685:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result [4096]; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1687:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(server, "irsa.ipac.caltech.edu"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1691:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(base, "/cgi-bin/Oasis/Lookup/nph-lookup?"); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1856:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:41:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char origimg_file [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:42:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:43:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rawimg_file [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:44:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char projimg_file [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:45:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char corrimg_file [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[16]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[16]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:77:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:139:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[32768]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:140:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:141:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmt [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:142:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rfmt [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:143:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pfmt [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:144:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cfmt [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:145:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ofile [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:146:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scale [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:179:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:336:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fraw = (FILE *)fopen(rawimg_file, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:421:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fproj = (FILE *)fopen(projimg_file, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:465:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fcorr = (FILE *)fopen(corrimg_file, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:536:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). input.cntr = atoi(tval(icntr)); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:537:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). input.naxis1 = atoi(tval(ins)); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:538:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). input.naxis2 = atoi(tval(inl)); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:561:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:562:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:563:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:564:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", input.naxis1 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:565:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", input.naxis2 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:568:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %11.6f", input.crval1 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:569:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %11.6f", input.crval2 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:570:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %11.6f", input.crpix1 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:571:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %11.6f", input.crpix2 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:575:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CDELT1 = %11.6f", input.cdelt1 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:576:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %11.6f", input.cdelt2 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:577:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = %11.6f", input.crota2 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:581:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CD1_1 = %11.6f", input.cd11 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:582:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CD1_2 = %11.6f", input.cd12 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:583:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CD2_1 = %11.6f", input.cd21 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:584:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CD2_2 = %11.6f", input.cd22 ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:587:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", input.equinox); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:588:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); stradd(header, temp); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:591:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). input.equinox = atoi(tval(iequinox)); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:882:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(ofile, ".fits"); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:987:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:989:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char header[80000]; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:1000:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:28:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file1 [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:29:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file2 [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:30:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:31:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char template_file[MAXSTR]; data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:33:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:34:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:35:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:64:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char a [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char crpix1 [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:68:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char crpix2 [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xmin [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:70:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xmax [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:71:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ymin [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:72:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ymax [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:73:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xcenter [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:74:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ycenter [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:75:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char npixel [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:76:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rms [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:77:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boxx [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:78:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boxy [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:79:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boxwidth [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:80:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boxheight[MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:81:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boxang [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:130:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:202:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fopen(output_file, "w+");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char request[MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:45:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char server [256];
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:46:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char base [256];
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:47:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char jobid [256];
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:48:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:49:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:50:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char portStr[10];
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:75:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fout = fopen(argv[argc-1],"r")) == (FILE *)0)
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:97:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(server, "pegasus.isi.edu");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:98:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(base, "/portal/mGridExec.html");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:169:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  port = atoi(portStr);
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:205:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"Content-Type: multipart/form-data; boundary=---------------------------7d43e2b301fe\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:208:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"Host: 127.0.0.1\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:211:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"Content-Length: %lld\r\n",size + 459);
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:214:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"\r\n-----------------------------7d43e2b301fe\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:217:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"Content-Disposition: form-data; name=\"proxyserver\"\r\n\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:220:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"birdie.isi.edu\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:223:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"-----------------------------7d43e2b301fe\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:226:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"Content-Disposition: form-data; name=\"filename\"; ");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:229:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"filename=\"out.zip\"\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:232:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"Content-Type: application/x-zip-compressed\r\n\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:247:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"\r\n-----------------------------7d43e2b301fe\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:250:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"Content-Disposition: form-data; name=\"B1\"\r\n\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:253:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"Submit\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:256:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(request,"-----------------------------7d43e2b301fe--\r\n");
data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:368:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length);
data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:41:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:42:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char request [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char base [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char constraint[MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:45:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char server [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:46:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char result [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:61:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(server, "irsa.ipac.caltech.edu");
data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:65:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(base, "/cgi-bin/Notify/nph-notify?");
data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:174:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length);
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:35:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlbase [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filebase [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:37:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char locstr [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:38:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char size [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:39:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char band [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:40:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outfile [MAXLEN];
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:62:23: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(band[0] == 'k') strcpy(band, "K<sub>s</sub>");
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:66:23: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(band[0] == 'K') strcpy(band, "K<sub>s</sub>");
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:68:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  nx = atoi(argv[6]);
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:69:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ny = atoi(argv[7]);
data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:79:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(outfile, "w+");
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:23:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_file1 [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:24:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_file2 [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:25:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:26:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template_file[MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:28:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:29:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:30:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char a [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:58:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:59:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:60:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char crpix1 [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:61:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char crpix2 [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:62:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xmin [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:63:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xmax [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:64:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ymin [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ymax [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char xcenter [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ycenter [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:68:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char npixel [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rms [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:70:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boxx [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:71:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boxy [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:72:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boxwidth [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:73:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boxheight[MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:74:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boxang [MAXSTR];
data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:123:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/lib/src/boundaries/test/hulltest.c:30:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(argv[1], "r");
data/montage-6.0+dfsg/lib/src/boundaries/test/nsboxtest.c:29:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mode = atoi(argv[2]);
data/montage-6.0+dfsg/lib/src/boundaries/test/nsboxtest.c:34:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(argv[1], "r");
data/montage-6.0+dfsg/lib/src/cmd/cmd.c:13:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char gDefWhiteMap[256] =
data/montage-6.0+dfsg/lib/src/cmd/cmd.c:33:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char gWhiteMap[256] =
data/montage-6.0+dfsg/lib/src/cmd/cmd.c:60:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(gWhiteMap, gDefWhiteMap, 256);
data/montage-6.0+dfsg/lib/src/coord/ccalc.c:307:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(clon,"%.9f",*lon);
data/montage-6.0+dfsg/lib/src/coord/ccalc.c:308:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(clat,"%.9f",*lat);
data/montage-6.0+dfsg/lib/src/coord/ccalc.c:435:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(clon,"%.*f", longprec, *lon);
data/montage-6.0+dfsg/lib/src/coord/ccalc.c:437:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(clat,"%+.*f", latprec, *lat);
data/montage-6.0+dfsg/lib/src/coord/coord.h:9:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sys[3]; /* Coordinate system */
data/montage-6.0+dfsg/lib/src/coord/coord.h:10:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char clon[25], clat[25]; /* Coordinates (when expressed as char string) */
data/montage-6.0+dfsg/lib/src/coord/coord.h:12:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmt[6]; /* Units */
data/montage-6.0+dfsg/lib/src/coord/coord.h:13:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char epoch[10]; /* Epoch type and year */
data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:25:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fmtstring[3][16] = {"unk", "ddc", "sex"};
data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:26:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sysname[4][16] = {"eq", "ec", "ga", "sg"};
data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *cmdv[MAXSTR];
data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:51:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(epoch, "j2000");
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:38:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char crain[40], cdecin[40], *subst[10], teststr[40], coordin[40];
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:39:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmph[40], tmpd[40], tmpm[40], tmps[40];
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:284:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(json->key[json->count], "%-d", json->count);
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:375:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, "rb");
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:397:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, "wb" );
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:2391:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
void lodepng_chunk_type(char type[5], const unsigned char* chunk) data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.h:564:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char palette[1024]; /*Remembers up to the first 256 RGBA colors, in no particular order*/ data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.h:684:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void lodepng_chunk_type(char type[5], const unsigned char* chunk); data/montage-6.0+dfsg/lib/src/mcurl/mcurl.c:11:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "Successful download."); data/montage-6.0+dfsg/lib/src/mcurl/mcurl.c:33:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdata = fopen(outFile, "w+"); data/montage-6.0+dfsg/lib/src/mcurl/mcurl.c:37:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(msg, "Error opening output file."); data/montage-6.0+dfsg/lib/src/mcurl/mcurl.c:64:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "Timeout retrieving URL."); data/montage-6.0+dfsg/lib/src/mcurl/mcurl.c:66:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "Error retrieving URL."); data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:41:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char actcd[64]="/data/act"; data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:110:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32], decstr[32], rastr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:577:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:906:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (path, "r"))) { data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:965:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32], raxstr[32], ramins[32], ramaxs[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:1057:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:1094:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). irh = atoi (line); data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:1095:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). irm = atoi (line+3); data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:1098:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idd = atoi (line+15); data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:1099:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idm = atoi (line+18); data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:1132:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:16:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstring[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:56:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%09.6f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:68:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void) sprintf (tstring,"%02d:%02d:%08.5f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:80:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%07.4f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:92:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%06.3f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:104:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%05.2f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:116:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%04.1f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:129:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%02d",hours,minutes,isec); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tstring[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:205:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%09.6f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:216:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%08.5f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:227:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%07.4f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:238:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%06.3f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:249:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%05.2f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:260:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%04.1f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:272:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%02d",sign,degrees,minutes,isec); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:298:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char degform[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstring[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:320:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (degform, "%%%d.%df", field, ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:324:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (degform, "%%%4d", field); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:351:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numform[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:355:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (numform, "%%%d.%df", field, ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:359:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numform, "%%%dd", field); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:365:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numform, "%%.%df", ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:369:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "%d", (int)num); data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:42:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bindir[64]="/data/astrocat"; data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:137:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[128]; data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:220:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr1[16],rstr2[16],dstr1[16],dstr2[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:506:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]; data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:703:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:770:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr1[16],rstr2[16],dstr1[16],dstr2[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:928:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char binpath[128]; /* Full pathname for catalog file */ data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1033:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fcat = open (binpath, O_RDONLY+O_BINARY)) < 3) { data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32], raxstr[32], ramins[32], ramaxs[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1316:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((char *) &ino, (char *)&st->xno, 4); data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1320:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((char *) &ino, (char *)&st->xno, 4); data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1324:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((char *) &ino, (char *)&st->xno, 4); data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1438:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char temp[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1471:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "rb")) == NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1497:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1500:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "rb")) == NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:151:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "HST Guide Stars/ACT"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:160:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "GSC 2.2 Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:164:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "GSC 2.3 Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:168:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "GSC 2.3 Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:178:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "HST Guide Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:186:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "SDSS Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:194:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "SkyBot Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:202:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (title, "USNO-B1.0 Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:211:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO-YB6 Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:226:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO SA-1.0 Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:228:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO SA-2.0 Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:230:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO SA Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:247:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO A-1.0 Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:249:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (title, "USNO A-2.0 Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:251:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO A Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:254:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO UCAC1 Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:262:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO UCAC2 Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:270:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO UCAC3 Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:278:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO UCAC4 Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:286:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "USNO J Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:294:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "SAO Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:308:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "PPM Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:322:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "IRAS Point Sources"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:333:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (title, "SKY2000 Master Catalog Stars"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:347:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
  strcpy (title, "Tycho 2 Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:355:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (title, "Tycho 2 Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:363:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (title, "Tycho Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:374:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (title, "Hipparcos Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:385:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (title, "ACT Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:393:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (title, "Bright Star Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:404:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (title, "2MASS Point Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:412:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (title, "2MASS Point Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:420:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (title, "2MASS Extended Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:437:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (title, " Catalog Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:449:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (title, " Catalog Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:465:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (title, " Catalog Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:683:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "GSC");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:685:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "GSC-ACT");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:688:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "GSC 2.2");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:691:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "GSC 2.3");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:695:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-YB6");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:697:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "UJC");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:699:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-A2.0");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:701:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-SA2.0");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:703:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "SAO");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:705:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "IRAS PSC");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:707:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "SDSS");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:709:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "PPM");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:711:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "TYCHO");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:713:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-A1.0");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:715:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-B1.0");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:717:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-UCAC1");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:719:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-UCAC2");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:721:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-UCAC3");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:723:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-UCAC4");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:725:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-A2.0");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:727:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-SA1.0");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:729:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-SA2.0");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:731:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "Hipparcos");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:733:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "ACT");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:735:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "BSC");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:738:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "TYCHO-2");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:741:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "2MASS PSC");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:743:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "2MASS XSC");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:745:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "2MASS PSC IDR2");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:747:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "SKY2000");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:749:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "SkyBot");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:772:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (catname, "catalog sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:780:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "HST Guide Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:782:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "GSC-ACT Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:785:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "GSC 2.2 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:788:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "GSC 2.3 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:792:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-YB6 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:794:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO J Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:796:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-A2.0 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:798:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-SA2.0 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:800:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "SAO Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:802:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "IRAS Point Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:804:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "SDSS Photmetric Catalog Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:806:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "PPM Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:808:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "Tycho Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:810:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "Tycho-2 Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:812:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "Tycho-2 Catalog Stars with mag error");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:814:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-A1.0 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:816:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-B1.0 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:818:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-UCAC1 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:820:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-UCAC2 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:822:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-UCAC3 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:824:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-UCAC4 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:826:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-A2.0 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:828:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-SA1.0 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:830:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "USNO-SA2.0 Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:832:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "Hipparcos Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:834:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "ACT Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:836:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "Bright Star Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:838:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "2MASS Point Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:840:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "2MASS Point Sources with mag error");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:842:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "2MASS Extended Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:844:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "2MASS-IDR2 Point Sources");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:846:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "SKY2000 Catalog Stars");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:848:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catname, "SkyBot Objects");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:860:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid, "act_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:862:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid, "bsc_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:864:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid, "gsc_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:866:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid, "gsc2_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:868:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid, "sdss_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:870:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"usac_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:872:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"usa1_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:874:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"usa2_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:876:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"usnoa_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:878:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"usnoa1_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:880:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"usnob1_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:882:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"usnoyb6_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:884:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"usnoa2_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:886:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"ucac1_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:888:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"ucac2_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:890:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"ucac3_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:892:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"ucac4_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:894:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"usnoj_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:896:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"2mass_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:898:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"2mx_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:900:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"sao_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:902:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"ppm_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:904:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"iras_id");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:906:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"tycho_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:908:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"tycho2_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:910:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"hip_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:912:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"sky_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:914:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"skybot_id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:916:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (catid,"id ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:987:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "gscact");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:991:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "gsc2");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:995:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "gsc");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:999:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "sdss");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1003:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "uac");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1007:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "ua1");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1011:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "ub1");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1015:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "yb6");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1019:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "ua2");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1023:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "usac");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1027:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (refcatname, "usa1");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1031:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (refcatname, "usa2"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1035:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "ucac1"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1039:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "ucac2"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1043:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "ucac3"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1047:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "ucac4"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1051:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "ujc"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1055:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (refcatname, "sao"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1059:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "ppm"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1063:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "iras"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1068:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "tycho2e"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1070:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "tycho2"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1072:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "tycho"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1076:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (refcatname, "hipparcos"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1080:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "act"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1084:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "bsc"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1088:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "sky2k"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1092:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "skybot"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1098:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "tmce"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1100:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (refcatname, "tmc"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1105:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (refcatname, "tmx"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nform[16]; /* Format for star number */ data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1133:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%013.8f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1135:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%13.8f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1141:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%012.7f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1143:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%12.7f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1149:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (numstr, "%010.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1151:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%10.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1157:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%010.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1159:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%10.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1165:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%010.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1167:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%10.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1173:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%010.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1175:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (numstr, "%10.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1180:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "582%015.0f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1187:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "N%.0f", (dnum+0.01)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1189:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "S%.0f", (-dnum + 0.01)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1198:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "N%.0f", (dnum+0.5)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1200:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "S%.0f", (-dnum + 0.5)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1207:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%011.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1209:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (numstr, "%11.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1215:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%011.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1217:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%11.6f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1223:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%010.7f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1225:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%10.7f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1231:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%07d", (int)(dnum+0.5)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1233:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%7d", (int)(dnum+0.5)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1239:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (numstr, "%012.7f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1241:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%12.7f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1247:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%09.4f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1249:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%9.4f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1255:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%06d", (int)(dnum+0.5)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1257:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%6d", (int)(dnum+0.5)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1263:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%04d", (int)(dnum+0.5)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1265:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (numstr, "%4d", (int)(dnum+0.5)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1271:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%07d", (int)(dnum+0.5)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1273:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%7d", (int)(dnum+0.5)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1281:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%010.5f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1283:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%10.5f", dnum); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1289:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (nform,"%%%d.%df", nnfld, nndec); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1291:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (nform,"%%0%d.%df", -nnfld, nndec); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1293:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (nform,"%%%d.%df", nndec+5, nndec); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1297:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (nform,"%%%d.0f", nnfld); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1301:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (nform,"%%%dd", nnfld); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1305:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (nform,"%%0%dd", -nnfld); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1309:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%d", (int)(dnum+0.49)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1311:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numstr, "%6d", (int)(dnum+0.49)); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1541:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagR"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1543:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "MagB"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1547:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagN"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1549:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagR2"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1551:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagB2"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1553:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagR1"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1555:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagB1"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1559:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "MagK"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1561:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagH"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1563:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagJ"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1565:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagR"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1567:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagB"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1571:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "Magz"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1573:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "Magi"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1575:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "Magr"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1577:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "Magg"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1579:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "Magu"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1583:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagV"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1585:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagB"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1589:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "MagB"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1591:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagBe"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1593:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagVe"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1595:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagV"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1599:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagJ"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1601:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagN"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1603:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "MagU"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1605:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagB"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1607:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagV"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1609:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagR"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1611:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagI"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1613:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagF"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1617:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "MagB"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1619:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagV"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1621:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagP"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1623:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagPv"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1627:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagJ"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1629:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagH"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1631:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "MagK"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1635:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagJ"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1637:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagH"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1639:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagK"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1641:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagJe"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1643:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagHe"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1645:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "MagKe"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1649:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagJ"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1651:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagH"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1653:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagK"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1655:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagC"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1659:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagB"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1661:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "MagR"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1663:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagI"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1665:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagJ"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1667:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagH"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1669:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagK"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1671:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagM"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1673:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "MagA"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1677:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagB"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1679:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagR"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1681:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagI"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1683:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagJ"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1685:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagH"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1687:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (magname, "MagK"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1689:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagM"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1691:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagA"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1694:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "MagV"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1696:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (magname, "Mag"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1874:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nstring[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1875:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1931:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (format, "%%0%dd", ndmax); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1965:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, " %9.4f", epoch); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1967:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, " %9.4f", epoch); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1975:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, " %13.5f", year); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1977:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, " %13.5f", year); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1985:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, " %11.5f", year); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1987:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (temp, " %11.5f", year); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1992:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp," 0000-00-00"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1994:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp," 0000-00-00"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1996:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp,"T00:00"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2067:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr1[16],rstr2[16],dstr1[16],dstr2[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2284:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr1[16],rstr2[16],dstr1[16],dstr2[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2561:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char value[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2564:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *ival = atoi (value); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2583:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2610:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[81]; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2612:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cquot, squot[2], dquot[2], lbracket[2], rbracket[2], comma[2]; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2721:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
ipar = atoi (brack1); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2795:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sptbv[468]={"O5O8B0B0B0B1B1B1B2B2B2B3B3B3B4B5B5B6B6B6B7B7B8B8B8B9B9B9B9A0A0A0A0A0A0A0A0A0A2A2A2A2A2A2A2A2A5A5A5A5A6A7A7A7A7A7A7A7A7A7A7F0F0F0F0F0F0F0F2F2F2F2F2F2F2F5F5F5F5F5F5F5F5F5F8F8F8F8F8F8G0G5G5G2G2G2G3G3G4G4G5G5G5G6G6G6G6G6K6K6K6K6K7K7K7K7K7K7K7K7K7K7K7K7K7K7K8K8K8K8K8K8K8K8K8K8K8K8K8K8K8K8K8K8K8K5K5K5K5K5K6K6K6K6K6K6K6K7K7K7K7K7K7K7K8K8K8K8K9K9K9M0M0M0M0M0M0M1M1M1M1M1M2M2M2M2M3M3M4M4M5M5M5M2M2M2M3M3M4M4M5M5M5M6M6M6M6M6M6M6M6M6M7M7M7M7M7M7M7M7M7M7M7M7M7M7M8M8M8M8M8M8M8"}; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2834:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sptbr1[96]={"O5O8O9O9B0B0B0B0B0B1B1B1B2B2B2B2B2B3B3B3B3B3B3B5B5B5B5B6B6B6B7B7B7B7B8B8B8B8B8B9B9B9B9B9A0A0A0"}; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2836:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char sptbr2[904]={"A0A0A0A0A0A0A0A0A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A5A5A5A5A5A5A5A5A5A5A5A7A7A7A7A7A7A7A7A7A7A7A7A7A7A7A7F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F2F2F2F2F2F2F2F2F2F2F2F5F5F5F5F5F5F5F5F5F5F5F5F5F5F8F8F8F8F8F8F8F8F8F8F8F8F8F8G0G0G0G0G0G0G0G0G2G2G2G2G2G5G5G5G5G5G5G5G5G8G8G8G8G8G8G8G8G8G8G8G8G8G8K0K0K0K0K0K0K0K0K0K0K0K0K0K0K0K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K2K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K5K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7K7M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M0M1M1M1M1M1M1M1M1M1M1M1M1M1M1M1M2M2M2M2M2M2M2M2M2M2M2M2M2M2M2M3M3M3M3M3M3M3M3M3M3M3M4M4M4M4M4M4M4M4M4M4M4M4M4M4M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M5M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M6M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M7M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8M8"}; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2900:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headline[160]; data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2922:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline, "act_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2924:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (headline, "bsc_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2926:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline, "gsc_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2928:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"usac_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2930:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"usa1_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2932:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"usa2_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2934:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"usnoa_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2936:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (headline,"usnoa1_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2938:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"usnoa2_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2940:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"usnoj_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2942:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"2mass_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2944:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"2mx_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2946:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"sao_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2948:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (headline,"ppm_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2950:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"iras_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2952:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"tycho_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2954:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"tycho2_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2956:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"hip_id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2958:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (headline,"id "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2962:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat (headline," long_gal lat_gal "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2964:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (headline," long_ecl lat_ecl "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2966:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (headline," ra1950 dec1950 "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2968:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (headline," ra dec "); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2971:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (headline," magb magr plate"); data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2973:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
  strcat (headline," magj magh magk");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2975:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," magb magv");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2977:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," mag class band N");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2979:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," mag plate");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2981:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," mag");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2983:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," type");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2985:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," Ura Udec ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2987:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," arcsec");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2993:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," object");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2995:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline, " x y ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3002:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (headline, "---------------------");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3004:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," ------------ ------------");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3006:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," ----- -----");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3008:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," -----");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3010:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," ----- ---- -");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3012:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," ----");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3014:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," -----");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3016:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," -----");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3018:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," ------- ------");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3020:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline, " ------");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3022:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline," ------");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3024:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (headline, " ------- -------");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3060:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ira = atoi (string+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:3069:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  idec = atoi (sdec+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/cel.c:261:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char pcode[4];
data/montage-6.0+dfsg/lib/src/montage_wcs/cel.c:410:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char pcode[4];
data/montage-6.0+dfsg/lib/src/montage_wcs/cel.c:440:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char pcode[4];
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:50:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char catdir[64]="/data/catalogs";
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:551:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:783:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:962:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1219:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header[80];
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1220:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char catpath[128]; /* Full pathname for catalog file */
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1226:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char token[MAX_LTOK];
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1266:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(fcat = fopen (catpath, "r"))) {
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1482:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (sc->keymag[sc->nmag-1], "velocity");
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1487:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (sc->keymag[sc->nmag-1], "epoch");
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1576:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char token[80];
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1691:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (token, "%.6f", dtemp);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1764:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (token, "%.6f", dtemp);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1890:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((diskfile = fopen (filename, "r")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1916:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1921:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(fcat = fopen (catpath, "r"))) {
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1982:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  deg = (double) atoi (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1987:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min = (double) atoi (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1997:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min = (double) atoi (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:2015:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dec = sign * (double) atoi (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/daoread.c:139:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(fcat = fopen (daofile, "r"))) {
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:413:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tstring[32], dstring[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:414:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outform[64];
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:428:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (outform, "%%02d:%%02d:%%0%d.%df", nf, ndec);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:432:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (outform, "%%02d:%%02d:%%0%dd", nf);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:439:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (dstring, "%4d-%02d-%02d", iyr, imon, iday);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:885:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (isotime, "%04d-%02d-%02dT%02d:%02d:%02d",
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:1999:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "*** date out of range ***");
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:2001:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%02d/%02d/%02d %02d:%02d:%06.3f",
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:2004:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%02d/%02d/%3d %02d:%02d:%6.3f",
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:2007:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "*** date out of range ***");
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:2356:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "*** date out of range ***");
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:2358:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%02d/%02d/%02d", iday, imon, iyr-1900);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:2360:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%02d/%02d/%3d", iday, imon, iyr-1900);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:2362:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "*** date out of range ***");
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:2386:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%02d:%02d:%06.3f", ihr, imn, sec);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:3194:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (isotime, "%04d-%02d-%02dT%02d:%02d:%02d",
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:407:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tstring[32], dstring[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:408:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outform[64];
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:422:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (outform, "%%02d:%%02d:%%0%d.%df", nf, ndec);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:426:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (outform, "%%02d:%%02d:%%0%dd", nf);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:433:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (dstring, "%4d-%02d-%02d", iyr, imon, iday);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:879:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (isotime, "%04d-%02d-%02dT%02d:%02d:%02d",
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:1993:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "*** date out of range ***");
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:1995:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%02d/%02d/%02d %02d:%02d:%06.3f",
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:1998:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%02d/%02d/%3d %02d:%02d:%6.3f",
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:2001:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "*** date out of range ***");
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:2261:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "*** date out of range ***");
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:2263:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%02d/%02d/%02d", iday, imon, iyr-1900);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:2265:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%02d/%02d/%3d", iday, imon, iyr-1900);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:2267:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "*** date out of range ***");
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:2291:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (string, "%02d:%02d:%06.3f", ihr, imn, sec);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:3099:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (isotime, "%04d-%02d-%02dT%02d:%02d:%02d",
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[12];
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:77:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword, "A_%d_%d", i, j);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:94:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword, "B_%d_%d", i, j);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:111:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword, "AP_%d_%d", i, j);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:128:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword, "BP_%d_%d", i, j);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:149:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:150:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:160:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword, "A_%d_%d", i, j);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:172:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword, "AP_%d_%d", i, j);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:184:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword, "B_%d_%d", i, j);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:196:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword, "BP_%d_%d", i, j);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:390:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (dcode, "-SIP");
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:151:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((diskfile = fopen (filename, "rb")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:213:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((diskfile = fopen (filename, "rb")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:238:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char token[256];
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:241:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((diskfile = fopen (filename, "r")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:262:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char token[256];
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:263:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filepath[256];
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:266:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((diskfile = fopen (filename, "r")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:294:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char token[256];
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:295:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filepath[256];
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:298:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((diskfile = fopen (filename, "r")) == NULL)
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:466:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:482:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((diskfile = open (filename, O_RDONLY)) < 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:507:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:527:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((diskfile = open (filename, O_RDONLY)) < 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:551:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:565:25: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((diskfile = open (filename, O_RDONLY)) < 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:56:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char imcatname[256] = "";
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char trimsec[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:215:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  xborder1 = atoi (tx1+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:219:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  xborder2 = w - atoi (tx2);
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:223:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  yborder1 = atoi (tx3);
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:227:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  yborder2 = atoi (tx4) - h;
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:877:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  setnspix (atoi (parvalue));
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:880:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  setispix (atoi (parvalue));
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:883:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  setniterate (atoi (parvalue));
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:885:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  setborder (atoi (parvalue));
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:887:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  setmaxrad (atoi (parvalue));
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:889:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  setminrad (atoi (parvalue));
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:893:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  setmaxwalk (atoi (parvalue));
data/montage-6.0+dfsg/lib/src/montage_wcs/findstar.c:895:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
setminsep (atoi (parvalue)); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:89:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fitserrmsg[80]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:119:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitsbuf[2884]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extname[32]; /* FITS extension name */ data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extnam[32]; /* Desired FITS extension name */ data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:178:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
extnum = atoi (ext+1); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:914:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:970:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword, "NAXIS%d", iaxis); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1055:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (inpath, O_RDONLY); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1096:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tname[12]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char temp[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tform[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1230:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (tname, "TTYPE%d", ifield+1);; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1246:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (tname, "TBCOL%d", ifield+1); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1253:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (tname, "TFORM%d", ifield+1);; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1279:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). kl = atoi (tf1); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1398:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char temp[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1436:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1474:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1512:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1584:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_WRONLY); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1591:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fd = open (filename, O_RDWR+O_CREAT, 0666); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1623:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_WRONLY); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1631:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_APPEND, 0666); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1662:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1732:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword, "NAXIS%d", iaxis); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1885:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fdout = open (filename, O_WRONLY); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1892:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdout = open (filename, O_RDWR+O_CREAT, 0666); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1971:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_WRONLY); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1978:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_RDWR+O_CREAT, 0666); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:2071:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (filename, O_WRONLY); data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:2103:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:2125:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = open (filename, O_RDONLY)) < 0) { data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.h:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char kname[10]; /* Keyword for table entry */ data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.h:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char kform[8]; /* Format for this value */ data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.h:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char white[MAXWHITE]; /* Whitespace (separator) characters */ data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.h:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *tok1[MAXTOKENS]; /* Pointers to start of tokens */ data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile1.h:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char kname[10]; /* Keyword for table entry */ data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:146:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char flds[19][8]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:147:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32],decstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:157:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[0], "CTYPE1"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:158:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[1], "CTYPE2"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:159:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[2], "CRVAL1"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:160:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[3], "CRVAL2"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:161:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[4], "CDELT1"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:162:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[5], "CDELT2"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:163:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[6], "CRPIX1"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:164:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[7], "CRPIX2"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:165:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[8], "CROTA1"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:166:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[9], "CROTA2"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:167:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[10], "IMWCS"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:168:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[11], "CD1_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:169:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[12], "CD1_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:170:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[13], "CD2_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:171:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[14], "CD2_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:172:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[15], "PC1_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:173:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[16], "PC1_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:174:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[17], "PC2_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:175:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[18], "PC2_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:186:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (keyword, "PV1_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:192:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword, "PV2_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:203:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:206:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PC%03d%03d", i, j); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:304:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:307:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO1_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:315:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"CO2_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:340:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[80]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:343:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:381:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO1_%d",i+1); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:391:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d",i+1); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:440:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char wcsproj[8]="TAN"; /* WCS projection name */ data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:457:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char wcstemp[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:496:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcstemp, "RA---"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:501:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcstemp, "DEC--"); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:558:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:561:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword, "CO1_%d",i+1); data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:566:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/fitswcs.c:569:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword, "CO2_%d",i+1); data/montage-6.0+dfsg/lib/src/montage_wcs/fortcat.c:54:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char catdir[64]="/data/catalogs"; data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:46:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gsc23url[64]="http://gsss.stsci.edu/webservices/vo/CatalogSearch.aspx"; data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srchurl[LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:79:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:86:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sr[4], sd[4]; data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:109:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length.
  sprintf (srchurl, "?RA=%.6f&DEC=%.6f&", ra, dec);

data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:117:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "EQ=2000&SR=%.3f&FORMAT=tsv&CAT=gsc23&", dr);

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:40:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cdn[64]="/data/astrocat/gsc1";

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:47:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cds[64]="/data/astrocat/gsc2";

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cdna[64]="/data/astrocat/gscact1";

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:53:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cdsa[64]="/data/astrocat/gscact2";

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inpath[64]; /* Pathname for input FITS table file */

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:114:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char entry[100]; /* Buffer for FITS table row */

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cstr[32], numstr[32], rastr[32], decstr[32], catid[16];

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:239:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[0].kname,"GSC_ID");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:240:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[1].kname,"RA_DEG");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:241:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[2].kname,"DEC_DEG");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:242:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[3].kname,"POS_ERR");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:243:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[4].kname,"MAG");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:244:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[5].kname,"MAG_ERR");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:245:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[6].kname,"MAG_BAND");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:246:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[7].kname,"CLASS");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:553:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inpath[64]; /* Pathname for input FITS table file */

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:554:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char entry[100]; /* Buffer for FITS table row */

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:619:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[0].kname,"GSC_ID");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:620:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[1].kname,"RA_DEG");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:621:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[2].kname,"DEC_DEG");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:622:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[3].kname,"POS_ERR");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:623:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[4].kname,"MAG");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:624:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[5].kname,"MAG_ERR");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:625:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[6].kname,"MAG_BAND");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:626:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[7].kname,"CLASS");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:796:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inpath[64]; /* Pathname for input FITS table file */

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:797:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char entry[100]; /* Buffer for FITS table row */

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:817:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cstr[32];

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:899:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[0].kname,"GSC_ID");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:900:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[1].kname,"RA_DEG");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:901:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[2].kname,"DEC_DEG");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:902:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[3].kname,"POS_ERR");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:903:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[4].kname,"MAG");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:904:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[5].kname,"MAG_ERR");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:905:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[6].kname,"MAG_BAND");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:906:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (kw[7].kname,"CLASS");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1110:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char zdir[24][8]={"n0000","n0730","n1500","n2230","n3000","n3730","n4500",

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1136:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tabpath[64]; /* Pathname for regions table */

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fitsline[120];

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1154:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[0].kname,"REG_NO");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1155:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[1].kname,"RA_H_LOW");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1156:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[2].kname,"RA_M_LOW");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1157:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[3].kname,"RA_S_LOW");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1158:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[4].kname,"RA_H_HI");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1159:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[5].kname,"RA_M_HI");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1160:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[6].kname,"RA_S_HI");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1161:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[7].kname,"DECSI_LO");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1162:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[8].kname,"DEC_D_LO");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1163:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[9].kname,"DEC_M_LO");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1164:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[10].kname,"DECSI_HI");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1165:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[11].kname,"DEC_D_HI");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1166:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (rkw[12].kname,"DEC_M_HI");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1190:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (tabpath,"/tables/regions.tbl");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1202:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (tabpath,"/tables/regions.tbl");

data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1389:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sgn[4]; /* Sign of declination */

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:78:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char val[VLENGTH+1];

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword1[16];

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:380:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword1[16];

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:667:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keywordi[16];

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:669:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyform[8];

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:676:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (keyform, "%s_%d");

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:680:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (keyform, "%s_%02d");

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:684:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (keyform, "%s_%03d");

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:686:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (keyform, "%s_%03d");

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:744:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword1[16];

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:844:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cval[80];

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:846:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cwhite[2];

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:847:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char squot[2], dquot[2], lbracket[2], rbracket[2], slash[2], comma[2];

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:849:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[81]; /* large for ESO hierarchical keywords */

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:850:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[100];

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1008:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ipar = atoi (brack1);

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1333:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  deg = (double) atoi (value);

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1340:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min = (double) atoi (value);

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1350:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min = (double) atoi (value);

data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1364:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dec = sign * (double) atoi (value);

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:81:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (value,"%d",ival);

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:98:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:101:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (value, "%f", *rval);

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:123:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (value, "%g", dval);

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char format[8];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:149:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (format, "%%.%dg", -ndec);

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:156:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (format, "%%.%df", ndec);

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:199:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[30];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:252:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[8];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:279:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyroot[8], newkey[12], value[80];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:359:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[80];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:406:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[100];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:407:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newcom[50];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:602:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[100];

data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:889:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstring[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:929:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%09.6f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:941:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%08.5f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:953:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%07.4f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:965:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%06.3f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:977:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%05.2f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:989:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void) sprintf (tstring,"%02d:%02d:%04.1f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1002:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%02d",hours,minutes,isec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1034:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstring[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1078:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%09.6f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1089:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%08.5f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1100:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%07.4f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1111:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void) sprintf (tstring,"%c%02d:%02d:%06.3f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1122:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%05.2f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1133:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%04.1f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1145:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%02d",sign,degrees,minutes,isec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char degform[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstring[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1193:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (degform, "%%%d.%df", field, ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1197:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (degform, "%%%4d", field); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1224:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numform[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1228:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numform, "%%%d.%df", field, ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1232:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numform, "%%%dd", field); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1238:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numform, "%%.%df", ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1242:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "%d", (int)num); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:81:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (value,"%d",ival); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:98:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:101:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (value, "%f", *rval); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:123:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (value, "%g", dval); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char value[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:149:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (format, "%%.%dg", -ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:156:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (format, "%%.%df", ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:199:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:252:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char value[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:279:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyroot[8], newkey[12], value[80]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:357:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[80]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:404:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[100]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:405:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newcom[50]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:596:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[100]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:854:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstring[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:894:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%09.6f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:906:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%08.5f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:918:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%07.4f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:930:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%06.3f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:942:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%05.2f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:954:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void) sprintf (tstring,"%02d:%02d:%04.1f",hours,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:967:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%02d:%02d:%02d",hours,minutes,isec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:999:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstring[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1043:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%09.6f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1054:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%08.5f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1065:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%07.4f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1076:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void) sprintf (tstring,"%c%02d:%02d:%06.3f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1087:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%05.2f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1098:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%04.1f",sign,degrees,minutes,seconds); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1110:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf (tstring,"%c%02d:%02d:%02d",sign,degrees,minutes,isec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1136:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char degform[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstring[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1158:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (degform, "%%%d.%df", field, ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1162:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (degform, "%%%4d", field); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1189:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numform[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1193:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numform, "%%%d.%df", field, ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1197:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numform, "%%%dd", field); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1203:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (numform, "%%.%df", ndec); data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1207:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (string, "%d", (int)num); data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:56:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char val[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:292:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *value,val[30]; data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:358:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cval[MAX_LVAL]; data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:360:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwhite[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:361:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lbracket[2],rbracket[2]; data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:362:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:363:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAX_LVAL]; data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:411:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ipar = atoi (c1); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:60:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ctypes[NWCSTYPE][4]; /* 3-letter codes for projections */ data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:94:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr[64], dstr[64], cstr[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:386:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:470:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (temp,"RA---"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:473:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (temp,"DEC--"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:652:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[0], "LIN"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:653:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[1], "AZP"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:654:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[2], "SZP"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:655:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[3], "TAN"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:656:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[4], "SIN"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:657:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[5], "STG"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:658:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[6], "ARC"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:659:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[7], "ZPN"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:660:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[8], "ZEA"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:661:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[9], "AIR"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:662:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[10], "CYP"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:663:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[11], "CAR"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:664:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[12], "MER"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:665:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[13], "CEA"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:666:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[14], "COP"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:667:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[15], "COD"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:668:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[16], "COE"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:669:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[17], "COO"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:670:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[18], "BON"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:671:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[19], "PCO"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:672:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[20], "SFL"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:673:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[21], "PAR"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:674:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[22], "AIT"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:675:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[23], "MOL"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:676:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[24], "CSC"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:677:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[25], "QSC"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:678:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[26], "TSC"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:679:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[27], "NCP"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:680:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[28], "GLS"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:681:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[29], "DSS"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:682:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[30], "PLT"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:683:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[31], "TNX"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:684:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[32], "ZPX"); data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:685:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (ctypes[33], "TPV"); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:198:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen (filename, "rb"); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:270:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pixname[SZ_IM2PIXFILE+1]; data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:271:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newpixname[SZ_IM2HDRFILE+1]; data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:286:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen (bang + 1, "rb"); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:288:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fd = fopen (pixname, "rb"); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:297:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = fopen (newpixname, "rb"); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:495:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *fhead, *fhead1, *fp, endline[81]; data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:497:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fitsline[81]; data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:679:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (fitsline, "IRAF header file name"); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:711:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (fitsline, "IRAF .pix pixel file"); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:897:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (hdrname, O_WRONLY); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:904:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (hdrname, O_RDWR+O_CREAT, 0666); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:941:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pixname[SZ_IM2PIXFILE+1]; data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:994:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (pixname, O_WRONLY); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1001:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open (pixname, O_RDWR+O_CREAT, 0666); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1110:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *fitsend, *fitsp, pixfile[SZ_IM2PIXFILE], hdrfile[SZ_IM2HDRFILE]; data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1111:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[SZ_IM2TITLE], temp[80]; data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1227:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (temp, "HDR$"); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1233:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (temp, "HDR$"); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1253:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (temp, "HDR$"); data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1763:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char temp[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/imio.c:1453:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char history[128]; data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:373:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char flds[15][8]; data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:374:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[16], ctype2[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:378:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[0], "CTYPE1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:379:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (flds[1], "CTYPE2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:380:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[2], "CRVAL1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:381:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[3], "CRVAL2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:382:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[4], "CDELT1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:383:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[5], "CDELT2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:384:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[6], "CRPIX1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:385:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (flds[7], "CRPIX2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:386:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[8], "CROTA1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:387:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[9], "CROTA2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:388:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[10], "IMWCS"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:389:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[11], "CD1_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:390:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[12], "CD1_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:391:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (flds[13], "CD2_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:392:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[14], "CD2_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:615:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:618:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO1_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate.c:622:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:64:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char history[128]; data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:374:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char flds[15][8]; data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[16], ctype2[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:379:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[0], "CTYPE1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:380:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[1], "CTYPE2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:381:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[2], "CRVAL1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:382:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[3], "CRVAL2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:383:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (flds[4], "CDELT1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:384:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[5], "CDELT2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:385:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[6], "CRPIX1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:386:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[7], "CRPIX2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:387:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[8], "CROTA1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:388:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[9], "CROTA2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:389:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (flds[10], "IMWCS"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:390:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[11], "CD1_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:391:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[12], "CD1_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:392:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[13], "CD2_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:393:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (flds[14], "CD2_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:622:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:625:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"CO1_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/imrotate1.c:629:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:79:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char matchcat[32]=""; /* Match catalog name */ data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:154:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr[32], dstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:159:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refcoor[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:160:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[80]; data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:549:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32], decstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:863:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. free ((char *)gm[imag]); data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:933:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rstr[32], dstr[32], numstr[32], xstr[32], ystr[32], mstr[8]; data/montage-6.0+dfsg/lib/src/montage_wcs/imutil.c:2558:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char history[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/imutil.c:2646:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat (history, " mean"); data/montage-6.0+dfsg/lib/src/montage_wcs/imutil.c:2648:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (history, " sum"); data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:130:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32], decstr[32], numstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:134:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vpar[16]; /* List of parameters to fit */ data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:487:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (vpar, "%d", pfit); data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:555:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wcstring[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:736:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32], decstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:744:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1025]; data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:749:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[256]; data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:760:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fd = fopen (filename, "r"))) { data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:968:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32], decstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:1103:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char rastr[32], decstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:1107:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vpar[16]; /* List of parameters to fit */
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:1207:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (vpar, "%d", pfit);
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:1275:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wcstring[64];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:1395:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[32],decstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:1652:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[32], decstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:1693:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[32],decstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:128:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[16], decstr[16], numstr[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:132:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vpar[16]; /* List of parameters to fit */
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:375:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (vpar, "%d", pfit);
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:443:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wcstring[64];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:624:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[32], decstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:632:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[1025];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:637:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char token[256];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:648:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(fd = fopen (filename, "r"))) {
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:934:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[16], decstr[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:938:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vpar[16]; /* List of parameters to fit */
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:1035:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (vpar, "%d", pfit);
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:1103:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wcstring[64];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:1223:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[16],decstr[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:1480:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[16], decstr[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:1521:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[16],decstr[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/platefit.c:224:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[32], decstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/platepos.c:366:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/platepos.c:370:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"CO1_%d",i+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/platepos.c:374:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"CO2_%d",i+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/poly.c:66:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[512];
data/montage-6.0+dfsg/lib/src/montage_wcs/poly.c:74:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "The dimensionality of the polynom (%d) exceeds the maximum\n"
data/montage-6.0+dfsg/lib/src/montage_wcs/poly.c:107:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "The degree of the polynom (%d) exceeds the maximum\n"
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:243:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pcodes[28][4] =
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:299:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char pcode[4];
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:424:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "AZP");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:606:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "SZP");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:794:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "TAN");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:904:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(prj->code, "STG");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:1004:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "SIN");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:1194:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "ARC");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:1292:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "ZPN");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:1545:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "ZEA");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:1659:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "AIR");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:1831:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(prj->code, "CYP");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:1950:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "CEA");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:2051:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "CAR");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:2131:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "MER");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:2215:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "SFL");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:2304:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "PAR");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:2410:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(prj->code, "MOL");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:2556:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "AIT");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:2674:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "COP");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:2805:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "COE");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:2941:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "COD");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:3057:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "COO");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:3192:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(prj->code, "BON");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:3305:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "PCO");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:3464:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "TSC");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:3683:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "CSC");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:4003:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "QSC");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:4412:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(prj->code, "HPX");
data/montage-6.0+dfsg/lib/src/montage_wcs/proj.c:4589:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(prj->code, "XPH");
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:60:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sdssrurl[64]="http://skyserver.sdss.org/dr7/en/tools/search/x_radial.asp";
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:61:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sdssburl[64]="http://skyserver.sdss.org/dr7/en/tools/search/x_rect.asp";
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:72:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sdssmag[6]="ugriz";
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:101:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char srchurl[LINE];
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:102:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[64];
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:110:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[32], decstr[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:142:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (srchurl, "?ra=%.5f&dec=%.5f&radius=%.3f",
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:147:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (srchurl, "?ra=%.5f&dec=%.5f&radius=%.3f",
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:157:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "&check_%c=%c&min_%c=%.2f&max_%c=%.2f",
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:162:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "&entries=top&topnum=%d&format=csv",nstar);
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:219:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colhead[180]="objID run rerun camcol field obj type ra dec umag gmag rmag imag zmag uerr gerr rerr ierr zerr \n";
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:220:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colsep[180]="------------------ --- ----- ------ ----- --- ---- ---------- --------- ------ ------ ------ ------ ------ -------- ------ -------- -------- -------\n";
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:48:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char tabhead[500]; /* Starbase header for returned data */
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:80:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (obsname, "FLWO Whipple Observatory, Mt. Hopkins");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:82:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (obsname, "HCO Oak Ridge");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:84:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy (obsname, "HCO Cambridge");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:86:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (obsname, "Boyden Observatory, Bloemfontein");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:88:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (obsname, "HCO Arequipa, Peru");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:90:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (obsname, "Geocenter");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:92:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (obsname, "IAU %d", obscode);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:97:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char skyboturl[128]="http://www.imcce.fr/webservices/skybot/skybot_query.php";
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:127:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char srchurl[LINE];
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:136:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr[32], decstr[32], temp[256], tstr[80];
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:139:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (tabhead, "catalog\tSkyBot\n");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:140:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (tabhead, "equinox\t2000.0\n");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:141:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (tabhead, "radecsys\tFK5\n");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:169:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (srchurl, "?-ep=%.5f&", jdout);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:175:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "-ra=%.5f&-dec=%.5f&", ra, dec);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:190:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "-rd=%.5f&", dradx);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:191:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tstr, "dra\t%.5f\n", -drad);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:193:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tstr, "ddec\t%.5f\n", -drad);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:201:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "-rd=%.5f&", dradx);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:202:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tstr, "rad\t%.5f\n", dradx);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:210:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "-rd=%.5f&", dradx);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:211:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tstr, "dra\t%.6f\n", dra);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:213:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tstr, "ddec\t%.6f\n", ddec);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:218:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (tabhead, "rpmunit\tarcsec/hour\n");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:219:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (tabhead, "dpmunit\tarcsec/hour\n");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:224:5: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
strcat (srchurl, "-mime=text&"); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:227:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "loc=%03d&", obscode); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:231:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (srchurl, "-objFilter=110&"); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:237:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (srchurl, "-from=WCSTools"); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:307:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[16], format[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:342:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (colhead, "object "); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:346:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat (colhead, "ra "); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:350:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (colhead, "dec "); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:353:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (colhead, "class "); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:356:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (colhead, "vmag "); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:359:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (colhead, "poserr"); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:362:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat (colhead, "offset"); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:365:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (colhead, "rapm "); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:368:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (colhead, "decpm "); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:371:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (colhead, "gdist "); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:374:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (colhead, "hdist "); data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:449:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (format,"%%%d.%df",lra,lra-4); data/montage-6.0+dfsg/lib/src/montage_wcs/str2ang.c:70:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). deg = (double) atoi (value); data/montage-6.0+dfsg/lib/src/montage_wcs/str2ang.c:77:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = (double) atoi (value); data/montage-6.0+dfsg/lib/src/montage_wcs/str2ang.c:87:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = (double) atoi (value); data/montage-6.0+dfsg/lib/src/montage_wcs/str2ang.c:101:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dec = sign * (double) atoi (value); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:484:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numstr[32]; /* Catalog number */ data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:488:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:489:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:494:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32], decstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:781:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char value[TABMAX]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1208:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1209:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1290:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyra, "long_gal"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1292:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyra, "long_gal"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1300:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyra, "long_ecl"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1302:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (sc->keyra, "long_ecl"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1324:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydec, "lat_gal"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1326:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydec, "lat_gal"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1334:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydec, "lat_ecl"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1336:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydec, "lat_ecl"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1345:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydec, "dec"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1400:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (sc->keyrpm, "ura"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1402:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyrpm, "rapm"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1404:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyrpm, "pmra"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1406:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyrpm, "dra"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1408:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyrpm, "ux"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1414:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydpm, "udec"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1416:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (sc->keydpm, "decpm"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1418:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydpm, "pmdec"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1420:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyrpm, "ddec"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1422:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keydpm, "uy"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1431:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (cstr,"mas/yr"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1503:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyrv, "rv"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1505:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (sc->keyrv, "cz"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1516:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyepoch, "epoch"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1518:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keyepoch, "ep"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1534:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keypeak, "PEAK"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1536:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keypeak, "peak"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1538:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keypeak, "plate"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1542:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (sc->keypeak, "field"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1546:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keypeak, "class"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1550:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keypeak, "class"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1562:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keytype, "spt"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1564:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (sc->keytype, "type"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1671:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (cstr,"%.0f", (dnum * 100000000.0) + 0.1); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1722:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cnum[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1723:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1730:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[24]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1774:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ireg = atoi (cn) / 100000; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1775:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). inum = atoi (cn) % 100000; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1788:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (cn,"%.0f", (st->num * 100000000.0) + 0.1); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1925:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (st->isp, "__"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1952:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tabcstr[4]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1992:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (tabfile, "r"))) { data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2066:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). itab = atoi (tabname); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2319:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[24]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2321:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (str, "0.0"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2337:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[24]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2339:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (str, "0.0"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2355:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[24]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2357:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (str, "0.0"); data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2375:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[24]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2433:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[24]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2453:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[24]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2473:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *str0, *str1, *line, *head, keylow[24], keyup[24]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2702:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2738:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((diskfile = fopen (filename, "r")) == NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/tabsort.c:21:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[500]; data/montage-6.0+dfsg/lib/src/montage_wcs/tabsort.c:22:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:49:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmc2path[64]="/data/astrocat/2MASS"; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:50:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmcapath[64]="/data/astrocat/tmc"; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:51:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tmcepath[64]="/data/astrocat2/tmce"; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:52:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmxpath[64]="/data/astrocat/tmx"; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:103:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[128]; /* Pathname for input region file */ data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:124:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32], rastr[32], decstr[32], numstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:126:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmcenv[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:131:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (tmcenv, "TMCIDR2_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:136:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (tmcenv, "TMX_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:141:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (tmcenv, "TMCE_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:146:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (tmcenv, "TMC_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:169:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catfile, "tmc"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:171:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catfile, "tmce"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:173:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (catfile, "tmx"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:175:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (catfile, "tmidr2"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:537:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[128]; /* Pathname for input region file */ data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:550:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmcenv[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:555:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (tmcenv, "TMCIDR2_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:560:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (tmcenv, "TMX_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:565:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (tmcenv, "TMCE_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:570:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (tmcenv, "TMC_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:687:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[128]; /* Pathname for input region file */ data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:706:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:708:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmcenv[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:718:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (tmcenv, "TMCIDR2_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:722:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (tmcenv, "TMX_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:726:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (tmcenv, "TMCE_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:730:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (tmcenv, "TMC_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:934:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rdir[50][4]={"0", "1", "2", "3", "4", "5a", "5b", "6a", "6b", "6c", data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1114:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (zonepath, "r"))) { data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1224:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char decstrx[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1244:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char decstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1295:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastrx[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1296:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1400:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[500]; data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:43:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ty2cd[64]="/data/astrocat/tycho2"; data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:98:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[128]; /* Pathname for input region file */ data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:119:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32], rastr[32], decstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:474:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[128]; /* Pathname for input region file */ data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:646:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inpath[128]; /* Pathname for input region file */ data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:665:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:914:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat (tabpath,"/data/index.dat"); data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:930:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *star1 = atoi (line); data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:933:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *star2 = atoi (line+indnchar); data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:990:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (tabpath,"/data/index.dat"); data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1075:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num1 = atoi (line); data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1076:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
num2 = atoi (line+indnchar); data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1206:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (ty2path, "/data/catalog.dat"); data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1219:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (ty2path, "r"))) { data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1392:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((diskfile = fopen (filename, "r")) == NULL) data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:47:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ua2path[64]="/data/astrocat/ua2"; data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:55:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char usa2path[64]="/data/astrocat/usnosa20"; data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char usa1path[64]="/data/astrocat/usnosa10"; data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:65:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ua1path[64]="/data/astrocat/ua1"; data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:71:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cdroot[32]="/cdrom"; data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:74:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cdname[11][8]={"ua001","ua002","ua003","ua004","ua005","ua006", data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:218:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cstr[32], rastr[32], numstr[32], decstr[32], catid[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:822:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:1247:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastrx[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:1267:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:1311:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zonepath[64]; /* Pathname for input UA zone file */ data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:1331:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (!(fcat = fopen (zonepath, "rb"))) { data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:45:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ub1path[64]="/data/ub1"; data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:49:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char yb6path[64]="/data/astrocat2/usnoyb6"; data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32], rastr[32], numstr[32], decstr[32], catid[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:816:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:1304:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char rastrx[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:1324:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:1368:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zonepath[64]; /* Pathname for input UB zone file */ data/montage-6.0+dfsg/lib/src/montage_wcs/ubcread.c:1388:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (zonepath, "rb"))) { data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:76:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char e2mpho[3]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:80:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char catflg[10]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:136:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucac1path[64]="/data/astrocat/ucac1"; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:139:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucac2path[64]="/data/astrocat/ucac2"; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:142:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucac3path[64]="/data/astrocat/ucac3"; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:145:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucac4path[64]="/data/astrocat/ucac4/u4b"; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:224:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32], rastr[32], decstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:225:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ucacenv[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:239:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC2_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:246:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC3_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:253:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC4_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:259:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC1_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:695:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucacenv[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:713:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (ucacenv, "UCAC4_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:720:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC3_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:727:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC2_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:733:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC1_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:911:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:912:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucacenv[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:930:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC4_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:936:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC3_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:942:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC2_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:947:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC1_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1217:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastrx[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1247:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char rastr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1336:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (zonepath, "r"))) { data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1504:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1514:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inLine[MAX_U4HPM_LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1708:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). hpmHandle = fopen(hpmpath,"rt"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:74:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char e2mpho[3]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char catflg[10]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:85:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucac1path[64]="/data/astrocat/ucac1"; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:88:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucac2path[64]="/data/astrocat/ucac2"; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:91:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucac3path[64]="/data/astrocat/ucac3"; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32], rastr[32], decstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ucacenv[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:186:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC2_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:194:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC3_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:201:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC1_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:636:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucacenv[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:654:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC3_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:662:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC2_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:669:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC1_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:835:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:836:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ucacenv[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:854:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC3_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:860:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC2_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:865:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ucacenv, "UCAC1_PATH"); data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastrx[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1158:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1280:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (zonepath, "r"))) { data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1405:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char line[256]; data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:39:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char cdu[64]="/data/ujcat/catalog"; /* pathname of UJ 1.0 CDROM */ data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:125:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[128]; data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:409:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[128]; data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:522:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:539:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[128]; data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:861:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastrx[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:880:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:924:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zonepath[128]; /* Pathname for input UJ zone file */ data/montage-6.0+dfsg/lib/src/montage_wcs/ujcread.c:944:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(fcat = fopen (zonepath, "rb"))) { data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:90:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char wcserrmsg[80]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:91:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char wcsfile[256]={""}; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:184:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->c1type,"RA"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:185:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->c2type,"DEC"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:191:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->ctype[0],"RA---"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:192:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->ctype[1],"DEC--"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:211:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (wcs->radecsys,"FK5"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:213:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecsys,"FK4"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:310:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecsys,"FK5"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:312:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecsys,"FK4"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:346:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctypes[NWCSTYPE][4]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:347:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dtypes[10][4]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:350:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (ctypes[0], "LIN"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:351:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[1], "AZP"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:352:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[2], "SZP"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:353:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[3], "TAN"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:354:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[4], "SIN"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:355:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[5], "STG"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:356:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (ctypes[6], "ARC"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:357:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[7], "ZPN"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:358:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[8], "ZEA"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:359:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[9], "AIR"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:360:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[10], "CYP"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:361:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[11], "CAR"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:362:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (ctypes[12], "MER"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:363:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[13], "CEA"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:364:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[14], "COP"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:365:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[15], "COD"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:366:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[16], "COE"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:367:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[17], "COO"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:368:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (ctypes[18], "BON"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:369:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[19], "PCO"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:370:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[20], "SFL"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:371:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[21], "PAR"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:372:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[22], "AIT"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:373:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[23], "MOL"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:374:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (ctypes[24], "CSC"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:375:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[25], "QSC"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:376:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[26], "TSC"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:377:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[27], "HPX"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:378:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[28], "XPH"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:379:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[29], "NCP"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:380:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (ctypes[30], "GLS"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:381:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[31], "DSS"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:382:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[32], "PLT"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:383:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[33], "TNX"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:384:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[34], "ZPX"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:385:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ctypes[35], "TPV"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:388:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (dtypes[1], "SIP"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:515:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecsys,"NPOLE"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:522:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecsys,"SPA"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:691:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecsys, "FK5"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:712:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecsys, "FK4"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1191:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wcstring[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1564:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[120]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1565:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comform[120]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1566:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xystring[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1578:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (comform, "sgsc -ah %s"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1588:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf (xystring, "%.2f %.2f", xfile, yfile); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1668:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (wcs->radecout+1,"%.4f", wcs->equinox); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1680:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy (wcs->radecout, "B1950"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1685:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (wcs->radecout+1,"%.4f", wcs->equinox); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1697:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecout, "J2000"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1776:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (wcs->radecin+1,"%.4f", wcs->equinox); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1788:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (wcs->radecin, "B1950"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1793:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (wcs->radecin+1,"%.4f", wcs->equinox); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1805:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (wcs->radecin, "J2000"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1906:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[32], decstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1919:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void)sprintf (wcstring,"Off map"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1979:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," galactic"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1981:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," galactic"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1989:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," ecliptic"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1991:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat (wcstring," ecliptic"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1999:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," planet"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2001:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," planet"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2009:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," alt-az"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2011:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," alt-az"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2019:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," long-npa"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2021:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," long-npa"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2029:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," long-spa"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2031:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring," long-spa"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2079:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (wcstring, " linear"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2486:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char wcscoor0[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2500:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char *wcscom0[10]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2521:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char envar[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2528:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (envar, "WCS_COMMAND"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2530:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (envar, "WCS_COMMAND%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2590:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char kwdc[16], keyword[16]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2591:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstr[80]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2601:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (kwd[++nkwd], "EPOCH"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2603:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "EQUINOX"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2605:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "RADECSYS"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2607:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CTYPE1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2609:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CTYPE2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2611:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CRVAL1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2613:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (kwd[++nkwd], "CRVAL2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2615:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CDELT1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2617:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CDELT2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2619:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CRPIX1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2621:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CRPIX2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2623:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CROTA1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2625:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (kwd[++nkwd], "CROTA2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2627:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CD1_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2629:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CD1_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2631:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CD2_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2633:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "CD2_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2635:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "PC1_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2637:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (kwd[++nkwd], "PC1_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2639:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "PC2_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2641:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "PC2_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2643:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "PC001001"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2645:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "PC001002"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2647:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "PC002001"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2649:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (kwd[++nkwd], "PC002002"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2651:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "LATPOLE"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2653:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwd[++nkwd], "LONPOLE"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2656:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO1_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2661:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"CO2_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2666:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PROJP%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2671:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (keyword,"PV1_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2676:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (keyword,"PV2_%d", i); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2702:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwdc, "PC1_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2704:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwdc, "PC1_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2706:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwdc, "PC2_1"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2708:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwdc, "PC2_2"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2720:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (kwdc, "RADECSY"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:121:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char instrument[32]; /* Instrument name */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:122:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype[9][9]; /* Values of CTYPEn keywords */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:123:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c1type[9]; /* 1st coordinate type code: data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:125:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c2type[9]; /* 2nd coordinate type code: data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:127:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ptype[9]; /* projection type code: data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:129:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char units[9][32]; /* Units if LINEAR */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:130:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char radecsys[32]; /* Reference frame: FK4, FK4-NO-E, FK5, GAPPT*/ data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:131:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char radecout[32]; /* Output reference frame: FK4,FK5,GAL,ECL */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:132:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char radecin[32]; /* Input reference frame: FK4,FK5,GAL,ECL */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:140:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char center[32]; /* Center coordinates (with frame) */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.h:149:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *command_format[10]; /* WCS command formats */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char isp[24]; /* Spectral type or other 2-char identifier */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objname[80]; /* Object name */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:96:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char isfil[24]; /* Star catalog file name */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:97:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char isname[64]; /* Star catalog description */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char incdir[128]; /* Catalog directory pathname */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char incfile[32]; /* Catalog file name */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyid[16]; /* Entry name for ID */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:140:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyra[16]; /* Entry name for right ascension */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:141:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keydec[16]; /* Entry name for declination */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char keymag[MAXNMAG+1][16]; /* Entry name for up to MAXNMAG magnitudes */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyrpm[16]; /* Entry name for right ascension proper motion */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keydpm[16]; /* Entry name for declination proper motion */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keypeak[16]; /* Entry name for integer code */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:146:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keytype[16]; /* Entry name for spectral type */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:147:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char keyrv[16]; /* Entry name for radial velocity */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyadd[16]; /* Entry name for additional keyword */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat.h:149:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyepoch[16]; /* Entry name for epoch */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char isp[24]; /* Spectral type or other 2-char identifier */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objname[80]; /* Object name */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char isfil[24]; /* Star catalog file name */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:89:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char isname[64]; /* Star catalog description */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:98:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char incdir[128]; /* Catalog directory pathname */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:99:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char incfile[32]; /* Catalog file name */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:131:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyid[16]; /* Entry name for ID */ data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:132:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char keyra[16]; /* Entry name for right ascension */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:133:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keydec[16]; /* Entry name for declination */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:134:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keymag[10][16]; /* Entry name for up to 10 magnitudes */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:135:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyrpm[16]; /* Entry name for right ascension proper motion */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:136:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keydpm[16]; /* Entry name for declination proper motion */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:137:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keypeak[16]; /* Entry name for integer code */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:138:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keytype[16]; /* Entry name for spectral type */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:139:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyrv[16]; /* Entry name for radial velocity */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:140:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyadd[16]; /* Entry name for additional keyword */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:141:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyepoch[16]; /* Entry name for epoch */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:213:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char white[MAXWHITE]; /* Whitespace (separator) characters */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscat1.h:214:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *tok1[MAXTOKENS]; /* Pointers to start of tokens */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:751:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "XY");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:782:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "B1950");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:784:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (cstr, "B%7.2f", equinox);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:792:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "galactic");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:794:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "ecliptic");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:797:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "J2000");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:799:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (cstr, "J%7.2f", equinox);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:807:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "ICRS");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:810:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "PLANET");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:813:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "LINEAR");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon.c:1701:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf (eqcoor,"%02d:%02d:%06.3f %c%02d:%02d:%05.2f",
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:749:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "XY");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:780:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "B1950");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:782:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (cstr, "B%7.2f", equinox);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:790:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "galactic");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:792:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "ecliptic");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:795:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "J2000");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:797:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (cstr, "J%7.2f", equinox);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:805:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "ICRS");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:808:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "PLANET");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:811:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cstr, "LINEAR");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcscon1.c:1700:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void)sprintf (eqcoor,"%02d:%02d:%06.3f %c%02d:%02d:%05.2f",
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:106:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[12];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:107:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *upval, value[72];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:121:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (keyword, "WCSNAME");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:221:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[32], ctype2[32], tstring[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:222:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pvkey1[8],pvkey2[8],pvkey3[8];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:228:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyword[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:235:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[80];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:236:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wcsname[64]; /* Name of WCS depended on by current WCS */
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:328:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (keyword, "NAXIS");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:329:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (temp, "%d", i+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:347:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (keyword, "CTYPE");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:490:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"PROJP%d",i);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:494:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (pvkey1, "PV%d_1", ilat);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:495:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (pvkey2, "PV%d_2", ilat);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:496:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (pvkey3, "PV%d_3", ilat);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:535:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"PV%d_%d", ilat, i);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:591:12: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void)strcpy (wcs->ptype, "PLATE");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:593:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"CO1_%d", i+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:600:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"CO2_%d",i+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:718:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword, "PC00%1d00%1d", i+1, j+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:734:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword, "PC%1d_%1d", i+1, j+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:781:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(keyword, "PV%d_%d", k+1, j);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:841:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf (temp, "WCSINITC: No image scale for WCS %c", mchar);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:870:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys,"FK4");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:872:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys,"FK5");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:884:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"PPO%d", i+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:890:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf (keyword,"AMDX%d", i+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:896:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (keyword,"AMDY%d",i+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:901:8: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void)strcpy (wcs->c1type, "RA");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:902:8: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void)strcpy (wcs->c2type, "DEC");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:903:8: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void)strcpy (wcs->ptype, "DSS");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:908:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->ctype[0], "RA---DSS");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:909:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->ctype[1], "DEC--DSS");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1136:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errstr[80];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1308:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys, "LINEAR");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1310:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys, "PIXEL");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1314:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecout, "FK4");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1316:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecout, "FK5");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1352:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char systring[32], eqstring[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1353:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char radeckey[16], eqkey[16];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1354:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tstring[32];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1361:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (eqkey, "EQUINOX%c", mchar[0]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1362:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (radeckey, "RADECSYS%c", mchar[0]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1365:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (eqkey, "EQUINOX");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1366:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (radeckey, "RADECSYS");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1370:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (eqkey, "EQUINOX");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1374:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (radeckey, "RADECSYS");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1379:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ieq = atoi (eqstring+1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1380:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (systring, "FK5");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1385:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (systring, "FK4");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1430:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (systring,"FK5");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1475:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys,"FK5");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1477:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys,"FK4");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1482:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys,"GALACTIC");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1484:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys,"ECLIPTIC");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1486:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys,"SGALACTC");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1488:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy (wcs->radecsys,"HELIOECL");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1490:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys,"ALTAZ");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1492:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (wcs->radecsys,"LINEAR");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:432:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char aliases [2][4] = {"NCP", "GLS"};
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:436:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char requir[9];
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:476:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(wcs->pcode, "%.3s", &ctype[j][5]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:480:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(wcs->lngtyp, "RA");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:481:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(wcs->lattyp, "DEC");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:486:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(wcs->lngtyp, "RA");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:487:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(wcs->lattyp, "DEC");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:492:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(wcs->lngtyp, "%cLON", ctype[j][0]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:493:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(wcs->lattyp, "%cLAT", ctype[j][0]);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:498:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(wcs->lngtyp, "%cLON", ctype[j][0]); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:499:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wcs->lattyp, "%cLAT", ctype[j][0]); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:504:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wcs->lngtyp, "%c%cLN", ctype[j][0], ctype[j][1]); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:505:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wcs->lattyp, "%c%cLT", ctype[j][0], ctype[j][1]); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:510:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wcs->lngtyp, "%c%cLN", ctype[j][0], ctype[j][1]); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:511:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wcs->lattyp, "%c%cLT", ctype[j][0], ctype[j][1]); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:538:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(wcs->pcode, "SFL"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:591:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(wcs->pcode, "SIN"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:725:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(wcs->pcode, "SIN"); data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.h:112:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char pcodes[28][4]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.h:115:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char code[4]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.h:328:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pcode[4]; data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.h:329:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char lngtyp[5], lattyp[5]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srchurl[LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:136:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&rad=%.3f",dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:140:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&inrad=%.3f",dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:146:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&dra=%.3f",dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:149:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&ddec=%.3f",dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:155:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp,"&sort=m%d", sortmag); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:159:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat (srchurl, "&sort=distance"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:163:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&mag1=%.2f&mag=%.2f",mag1,mag2); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:169:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&epoch=%.5f", epout); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:174:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&ndec=4"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:178:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&nstar=%d", nstarmax); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:192:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (srchurl, "?%.7f%.7f&", ra/15.0, dec); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:194:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (srchurl, "?%.7f+%.7f&", ra/15.0, dec); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:199:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "r=0,%.3f&",dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:202:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "nout=%d&f=8", nstar); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:215:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (srchurl, "?%.7f%.7f&", ra, dec); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:217:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (srchurl, "?%.7f+%.7f&", ra, dec); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:222:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "radius=0,%.3f&", dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:225:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (temp, "mag=%.2f,%.2f&", mag1, mag2); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:229:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "format=8&sort=mr&"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:231:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "format=8&sort=m&"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:234:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "n=%d", nsmax); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:278:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (starcat->keymag[0], "magb"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:279:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (starcat->keymag[1], "magr"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:309:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char srchurl[LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:310:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numlist[LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:311:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:312:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csys[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:316:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[64]; /* Description of catalog (returned) */ data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:321:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:322:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:348:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&epoch=%.5f", epout); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:357:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (srchurl, "?object=GSC%05d%05d&nout=1&f=8", ireg, istar); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:366:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (srchurl, "?object=U%04d_%08d&n=1&format=8&", ireg, istar); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:595:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuff[LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:640:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nport = atoi (port); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:678:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redirect[LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:751:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nbcont = atoi (cbcont+1); data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:926:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELENGTH + 12]; /* name of host */ data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:974:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&adrinet->sin_addr, hp->h_addr, hp->h_length); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srchurl[LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:102:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char temp[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:131:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&rad=%.3f",dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:135:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&inrad=%.3f",dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:141:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&dra=%.3f",dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:144:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&ddec=%.3f",dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:150:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp,"&sort=m%d", sortmag); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:154:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat (srchurl, "&sort=distance"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:158:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&mag1=%.2f&mag=%.2f",mag1,mag2); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:164:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&epoch=%.5f", epout); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:169:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&ndec=4"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:173:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&nstar=%d", nstarmax); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:187:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (srchurl, "?%.7f%.7f&", ra/15.0, dec); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:189:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (srchurl, "?%.7f+%.7f&", ra/15.0, dec); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:194:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (temp, "r=0,%.3f&",dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:197:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "nout=%d&f=8", nstar); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:210:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (srchurl, "?%.7f%.7f&", ra, dec); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:212:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (srchurl, "?%.7f+%.7f&", ra, dec); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:217:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "radius=0,%.3f&", dtemp); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:220:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "mag=%.2f,%.2f&", mag1, mag2); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:224:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "format=8&sort=mr&"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:226:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (temp, "format=8&sort=m&"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:229:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "n=%d", nsmax); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:273:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (starcat->keymag[0], "magb"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:274:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (starcat->keymag[1], "magr"); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:303:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srchurl[LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:304:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numlist[LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:305:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char numstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:306:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csys[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:310:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[64]; /* Description of catalog (returned) */ data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:315:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cstr[32]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:316:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[64]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:342:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "&epoch=%.5f", epout); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:351:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (srchurl, "?object=GSC%05d%05d&nout=1&f=8", ireg, istar); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:360:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (srchurl, "?object=U%04d_%08d&n=1&format=8&", ireg, istar); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:580:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuff[LINE]; data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:698:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nbcont = atoi (cbcont+1); data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:871:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hostname[MAXHOSTNAMELENGTH + 12]; /* name of host */ data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:919:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&adrinet->sin_addr, hp->h_addr, hp->h_length); data/montage-6.0+dfsg/lib/src/montage_wcs/zpxpos.c:85:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[8], *str1, *str2, *lngstr, *latstr, *header1; data/montage-6.0+dfsg/lib/src/montage_wcs/zpxpos.c:104:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (header1, "WAT1_001= 'wtype=zpx axtype=ra projp0=0. projp1=1. projp2=0. projp3=337.74 proj'WAT2_001= 'wtype=zpx axtype=dec projp0=0. projp1=1. projp2=0. projp3=337.74 pro'"); data/montage-6.0+dfsg/lib/src/montage_wcs/zpxpos.c:139:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (key,"projp%d",i); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:153:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tfile = fopen(fname, "r+"); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:155:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tfile = fopen(fname, "r"); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.h:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MTBL_MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.h:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[MTBL_MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.h:32:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unit[MTBL_MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.h:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nuls[MTBL_MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/test/multi_test.c:49:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id1 = atoi(tval(icol1)); data/montage-6.0+dfsg/lib/src/mtbl/test/multi_test.c:58:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id2 = atoi(tval(icol2)); data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:12:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp [1024]; data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:13:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1024]; data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:14:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[1024]; data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:70:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char outstr[1024]; data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:13:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intbl [MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:14:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char outxml [MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:16:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objstr [MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:18:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xcolname[MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:19:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xlabel [MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:21:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ycolname[MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:22:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ylabel [MAXSTR]; data/montage-6.0+dfsg/lib/src/mtbl/test/tbl2xml.c:91:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(outxml, "w+"); data/montage-6.0+dfsg/lib/src/mtbl/test/test3.c:11:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *name, value[1024]; data/montage-6.0+dfsg/lib/src/mtbl/test/test_mtblio.c:17:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char propid[1024], pi[1024], exptime[1024], fov[1024]; data/montage-6.0+dfsg/lib/src/mtbl/test/test_mtblio.c:21:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char field_name[14][80] = { data/montage-6.0+dfsg/lib/src/svc/structlib.c:264:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(svc->key[svc->count], "%-d", svc->count); data/montage-6.0+dfsg/lib/src/svc/structlib.c:413:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subkey[SVC_STRLEN], tail[SVC_STRLEN], subval[SVC_STRLEN]; data/montage-6.0+dfsg/lib/src/svc/svclib.c:1201:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[80]; data/montage-6.0+dfsg/lib/src/svc/svclib.c:1258:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(sig == SIGHUP ) strcpy(msg, "SIGHUP: Hangup (see termio(7I))"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1259:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGINT ) strcpy(msg, "SIGINT: Interrupt (see termio(7I))"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1260:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGQUIT ) strcpy(msg, "SIGQUIT: Quit (see termio(7I))"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1261:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(sig == SIGILL ) strcpy(msg, "SIGILL: Illegal Instruction"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1262:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGTRAP ) strcpy(msg, "SIGTRAP: Trace/Breakpoint Trap"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1263:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGABRT ) strcpy(msg, "SIGABRT: Abort"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1264:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGFPE ) strcpy(msg, "SIGFPE: Arithmetic Exception"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1265:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGKILL ) strcpy(msg, "SIGKILL: Killed"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1266:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(sig == SIGBUS ) strcpy(msg, "SIGBUS: Bus Error"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1267:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGSEGV ) strcpy(msg, "SIGSEGV: Segmentation Fault"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1268:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGSYS ) strcpy(msg, "SIGSYS: Bad System Call"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1269:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGPIPE ) strcpy(msg, "SIGPIPE: Broken Pipe"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1270:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGALRM ) strcpy(msg, "SIGALRM: Alarm Clock"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1271:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(sig == SIGTERM ) strcpy(msg, "SIGTERM: Terminated"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1272:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGUSR1 ) strcpy(msg, "SIGUSR1: User Signal 1"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1273:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGUSR2 ) strcpy(msg, "SIGUSR2: User Signal 2"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1274:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGSTOP ) strcpy(msg, "SIGSTOP: Stopped (signal)"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1275:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGTSTP ) strcpy(msg, "SIGTSTP: Stopped (user)"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1276:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(sig == SIGCONT ) strcpy(msg, "SIGCONT: Continued"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1277:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGTTIN ) strcpy(msg, "SIGTTIN: Stopped (tty input)"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1278:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGTTOU ) strcpy(msg, "SIGTTOU: Stopped (tty output)"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1279:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGVTALRM) strcpy(msg, "SIGVTALRM: Virtual Timer Expired"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1280:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGPROF ) strcpy(msg, "SIGPROF: Profiling Timer Expired"); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1281:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(sig == SIGXCPU ) strcpy(msg, "SIGXCPU: CPU time limit exceeded"); data/montage-6.0+dfsg/lib/src/svc/test/abortchild.c:14:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen("child.out", "w+"); data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:14:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char instr [MAXSTR]; data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:15:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char structstr[MAXSTR]; data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:61:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char structstr[MAXSTR]; data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:62:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char value [MAXSTR]; data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:63:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blank [MAXSTR]; data/montage-6.0+dfsg/lib/src/svc/test/test1.c:12:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdstr[256], *retstr; data/montage-6.0+dfsg/lib/src/svc/test/test2.c:12:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdstr[256], val[256], key[256], *retstr; data/montage-6.0+dfsg/lib/src/svc/test/test2.c:23:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdstr, "file bsc.tbl"); data/montage-6.0+dfsg/lib/src/svc/test/test2.c:31:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdstr, "header"); data/montage-6.0+dfsg/lib/src/svc/test/test2.c:37:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ncol = atoi(val); data/montage-6.0+dfsg/lib/src/svc/test/test2.c:42:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(key, "return.value[%-d]", i); data/montage-6.0+dfsg/lib/src/svc/test/test2.c:54:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdstr, "read x ra"); data/montage-6.0+dfsg/lib/src/svc/test/test2.c:61:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdstr, "read y dec"); data/montage-6.0+dfsg/lib/src/svc/test/test2.c:69:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdstr, "scale x y"); data/montage-6.0+dfsg/lib/src/svc/test/test2.c:101:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdstr, "apply"); data/montage-6.0+dfsg/lib/src/svc/test/test2.c:108:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdstr, "grid"); data/montage-6.0+dfsg/lib/src/svc/test/test2.c:115:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdstr, "map x y"); data/montage-6.0+dfsg/lib/src/svc/test/test2.c:122:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cmdstr, "quit"); data/montage-6.0+dfsg/lib/src/svc/test/test3.c:12:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdstr[256], *retstr; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:46:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CP_Keyname[FLEN_KEYWORD], CP_Keyvalue[FLEN_VALUE], extension[FLEN_COMMENT]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:51:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(CP_Keyname, "CTYPE1"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:69:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "A_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:83:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CP_Keyname, "A_%d_%d",i,j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:92:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "B_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:105:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CP_Keyname, "B_%d_%d", i, j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:112:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "AP_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:126:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(CP_Keyname, "AP_%d_%d",i,j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:135:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "BP_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:148:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CP_Keyname, "BP_%d_%d", i, j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:155:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "CRPIX1"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:161:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "CRPIX2"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:175:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CP_Keyname[FLEN_KEYWORD], CP_Keyvalue[FLEN_VALUE], extension[FLEN_COMMENT]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:180:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "CTYPE1"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:203:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "A_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:223:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CP_Keyname, "A_%d_%d",i,j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:239:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "B_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:254:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CP_Keyname, "B_%d_%d", i, j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:269:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "AP_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:289:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(CP_Keyname, "AP_%d_%d",i,j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:305:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "BP_ORDER"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:320:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CP_Keyname, "BP_%d_%d", i, j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:335:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "CRPIX1"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:342:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(CP_Keyname, "CRPIX2"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:433:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CP_Keyname[FLEN_KEYWORD]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:434:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char CP_Comment[FLEN_COMMENT]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:455:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CP_Keyname, "A_%d_%d",i,j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:508:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CP_Keyname, "B_%d_%d",i,j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:560:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CP_Keyname, "AP_%d_%d",i,j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:596:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(CP_Keyname, "BP_%d_%d",i,j); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:182:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char char_value[80]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:184:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char mod_key[KEY_LENTH+2]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:217:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char char_value[80]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:218:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mod_key[KEY_LENTH+2]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:250:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char char_value[80]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:253:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mod_key[KEY_LENTH+2]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:274:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
*value = atoi(char_value); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:286:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char char_value[80]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:289:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mod_key[KEY_LENTH+2]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:305:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(char_value,"%9.8f",value); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:9:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char intemplate[MAXSTR]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:10:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outtemplate[MAXSTR]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:12:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inheader[80000]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:13:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outheader[80000]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:64:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(intemplate, "r"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:89:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(outtemplate, "r"); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/two_plane.h:18:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char projection_type_1[4]; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/two_plane.h:19:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char projection_type_2[4]; data/montage-6.0+dfsg/lib/src/www/www.c:49:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char debugFile[1024]; data/montage-6.0+dfsg/lib/src/www/www.c:51:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpdir[1024] = "/tmp"; data/montage-6.0+dfsg/lib/src/www/www.c:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char keyword_stripped[MAXSTR]; data/montage-6.0+dfsg/lib/src/www/www.c:95:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char none[256]; data/montage-6.0+dfsg/lib/src/www/www.c:96:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valbuf1[MAXIN]; data/montage-6.0+dfsg/lib/src/www/www.c:97:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valbuf2[MAXIN]; data/montage-6.0+dfsg/lib/src/www/www.c:103:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffb[4096]; data/montage-6.0+dfsg/lib/src/www/www.c:104:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffe[4096]; data/montage-6.0+dfsg/lib/src/www/www.c:110:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXIN]; data/montage-6.0+dfsg/lib/src/www/www.c:111:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fline[MAXIN]; data/montage-6.0+dfsg/lib/src/www/www.c:112:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char endline[32]; data/montage-6.0+dfsg/lib/src/www/www.c:113:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char boundary[1024] = ""; data/montage-6.0+dfsg/lib/src/www/www.c:114:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char end_boundary[1024] = ""; data/montage-6.0+dfsg/lib/src/www/www.c:123:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char xismap[MAXSTR], yismap[MAXSTR]; data/montage-6.0+dfsg/lib/src/www/www.c:124:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *x, *y, val[256]; data/montage-6.0+dfsg/lib/src/www/www.c:139:15: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). 
tmpfd = mkstemp(debugFile); data/montage-6.0+dfsg/lib/src/www/www.c:165:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(none, "NONE"); data/montage-6.0+dfsg/lib/src/www/www.c:166:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(boundary, "--dummy"); data/montage-6.0+dfsg/lib/src/www/www.c:208:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(boundary, "--"); data/montage-6.0+dfsg/lib/src/www/www.c:242:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cl = atoi(count); data/montage-6.0+dfsg/lib/src/www/www.c:333:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(end_boundary, "--"); data/montage-6.0+dfsg/lib/src/www/www.c:365:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(endline, "-CRLF-"); data/montage-6.0+dfsg/lib/src/www/www.c:368:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(endline, "-CR-"); data/montage-6.0+dfsg/lib/src/www/www.c:371:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(endline, "-LF-"); data/montage-6.0+dfsg/lib/src/www/www.c:374:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(endline, "-BAD(%d)-", *(line+strlen(line)-1)); data/montage-6.0+dfsg/lib/src/www/www.c:532:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buffb, "\r\n"); data/montage-6.0+dfsg/lib/src/www/www.c:534:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffb, "\r\n"); data/montage-6.0+dfsg/lib/src/www/www.c:536:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(buffe, "\r\n"); data/montage-6.0+dfsg/lib/src/www/www.c:538:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffe, "\r\n"); data/montage-6.0+dfsg/lib/src/www/www.c:726:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pcontent = fopen(entries[i].fname, "r"); data/montage-6.0+dfsg/lib/src/www/www.c:959:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xismap, "xismap"); data/montage-6.0+dfsg/lib/src/www/www.c:960:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(yismap, "yismap"); data/montage-6.0+dfsg/lib/src/www/www.c:1031:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/lib/src/www/www.c:1037:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen(debugFile, "r"); data/montage-6.0+dfsg/lib/src/www/www.c:1076:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if(entries[i].fname != (char *)NULL) data/montage-6.0+dfsg/lib/src/www/www.c:1459:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(entries[nentry].val, "(semicolon)"); data/montage-6.0+dfsg/lib/src/www/www.c:1489:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(entries[nentry].fname, "XXXXXX"); data/montage-6.0+dfsg/lib/src/www/www.c:1491:9: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). fd = mkstemp(entries[nentry].fname); data/montage-6.0+dfsg/lib/src/www/www.c:1576:30: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
if(s[i] == '&' ) {strcat((char *)str, "&"); j+=5;} data/montage-6.0+dfsg/lib/src/www/www.c:1577:30: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. else if(s[i] == '<' ) {strcat((char *)str, "<"); j+=4;} data/montage-6.0+dfsg/lib/src/www/www.c:1578:30: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. else if(s[i] == '>' ) {strcat((char *)str, ">"); j+=4;} data/montage-6.0+dfsg/lib/src/www/www.c:1638:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char index_str[5]; data/montage-6.0+dfsg/lib/src/www/www.c:1691:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hexstr[8]; data/montage-6.0+dfsg/lib/src/www/www.c:1735:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hexstr, "%02x", in[j]); data/montage-6.0+dfsg/lib/src/www/www.c:1770:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timeout[256]; data/montage-6.0+dfsg/lib/src/www/www.c:1773:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char day[7][10] = {"Sunday", "Monday", "Tuesday", data/montage-6.0+dfsg/lib/src/www/www.c:1775:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char month[12][4] = {"Jan", "Feb", "Mar", "Apr", "May", "Jun", data/montage-6.0+dfsg/lib/src/www/www.c:1842:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char myheader[MAXSTR]; data/montage-6.0+dfsg/lib/src/www/www.c:1844:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mytitle[MAXSTR]; data/montage-6.0+dfsg/lib/src/www/www.c:1845:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[MAXSTR]; data/montage-6.0+dfsg/lib/src/www/www.c:1874:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fheader = fopen(myheader, "r"); data/montage-6.0+dfsg/lib/src/www/www.c:1925:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char myfooter[MAXSTR]; data/montage-6.0+dfsg/lib/src/www/www.c:1927:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAXSTR]; data/montage-6.0+dfsg/lib/src/www/www.c:1950:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ffooter = fopen(myfooter, "r"); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url [MAXSTR]; data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char urlbase [MAXSTR]; data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:45:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file [MAXSTR]; data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:46:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filebase[MAXSTR]; data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:48:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:50:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXSTR]; data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:51:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char status [32]; data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:77:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). debug = atoi(optarg); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:81:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). timeout = atoi(optarg); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:85:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nrestart = atoi(optarg); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:213:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). imin = atoi(tval(iimin)); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:214:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
imax = atoi(tval(iimax)); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:215:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jmin = atoi(tval(ijmin)); data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:216:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). jmax = atoi(tval(ijmax)); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:41:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char archive_msg[1024]; data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char urlStr [MAXLEN]; data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:68:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char fileName[MAXLEN]; data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg [MAXLEN]; data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:70:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXLEN]; data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:95:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). timeout = atoi(optarg); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:210:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024]; data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:256:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
if(sig == SIGHUP ) strcpy(msg, "SIGHUP: Hangup (see termio(7I))"); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:257:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGINT ) strcpy(msg, "SIGINT: Interrupt (see termio(7I))"); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:258:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGQUIT ) strcpy(msg, "SIGQUIT: Quit (see termio(7I))"); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:259:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGILL ) strcpy(msg, "SIGILL: Illegal Instruction"); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:260:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(sig == SIGTRAP ) strcpy(msg, "SIGTRAP: Trace/Breakpoint Trap"); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:261:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
  else if(sig == SIGABRT ) strcpy(msg, "SIGABRT: Abort");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:262:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGFPE ) strcpy(msg, "SIGFPE: Arithmetic Exception");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:263:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGBUS ) strcpy(msg, "SIGBUS: Bus Error");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:264:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGSEGV ) strcpy(msg, "SIGSEGV: Segmentation Fault");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:265:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGSYS ) strcpy(msg, "SIGSYS: Bad System Call");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:266:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGPIPE ) strcpy(msg, "SIGPIPE: Broken Pipe");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:268:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGTERM ) strcpy(msg, "SIGTERM: Terminated");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:269:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGUSR1 ) strcpy(msg, "SIGUSR1: User Signal 1");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:270:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGUSR2 ) strcpy(msg, "SIGUSR2: User Signal 2");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:271:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGTSTP ) strcpy(msg, "SIGTSTP: Stopped (user)");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:272:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGCONT ) strcpy(msg, "SIGCONT: Continued");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:273:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGTTIN ) strcpy(msg, "SIGTTIN: Stopped (tty input)");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:274:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGTTOU ) strcpy(msg, "SIGTTOU: Stopped (tty output)");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:275:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGVTALRM) strcpy(msg, "SIGVTALRM: Virtual Timer Expired");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:276:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGPROF ) strcpy(msg, "SIGPROF: Profiling Timer Expired");

data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:277:33: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  else if(sig == SIGXCPU ) strcpy(msg, "SIGXCPU: CPU time limit exceeded");

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:51:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [MAXLEN];

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:52:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char request [MAXLEN];

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:53:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char base [MAXLEN];

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:54:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char constraint[MAXLEN];

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:55:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char server [MAXLEN];

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:56:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char source [MAXLEN];

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type [MAXLEN];

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:68:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pserver [MAXLEN];

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:75:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(type, "url");

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:86:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(type, "gftp");

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:89:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(type, "gpfs");

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:93:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(type, "uri");

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:102:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(server, "montage-web.ipac.caltech.edu");

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:106:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(base, "/cgi-bin/ImgList/nph-imglist?");

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:117:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(argv[6], "w+");

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:240:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length);

data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:389:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *port = atoi(portPtr);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:73:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tblfile [MAXSTR];

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:74:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bestURL [MAXSTR];

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:75:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bestName[MAXSTR];

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:77:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header[80000];

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:78:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[80];

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:110:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[16];

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:111:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype2[16];

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:129:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url [MAXSTR];

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:130:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname[MAXSTR];

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:288:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(bestName, "No name");

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:289:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(bestURL, "No URL");

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:309:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(ins >= 0) naxis1 = atoi(tval(ins));

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:310:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(inl >= 0) naxis2 = atoi(tval(inl));

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:340:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  equinox = atoi(tval(iequinox));

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:349:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hdu = atoi(tval(ihdu));

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:415:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "SIMPLE = T" ); stradd(header, temp);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:416:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "BITPIX = -64" ); stradd(header, temp);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:417:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS = 2" ); stradd(header, temp);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:418:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS1 = %d", naxis1 ); stradd(header, temp);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:419:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "NAXIS2 = %d", naxis2 ); stradd(header, temp);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:422:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL1 = %11.6f", crval1 ); stradd(header, temp);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:423:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRVAL2 = %11.6f", crval2 ); stradd(header, temp);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:424:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX1 = %11.6f", crpix1 ); stradd(header, temp);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:425:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "CRPIX2 = %11.6f", crpix2 ); stradd(header, temp);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:428:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  {sprintf(temp, "CDELT1 = %11.6f", cdelt1 ); stradd(header, temp);}

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:431:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  {sprintf(temp, "CDELT2 = %11.6f", cdelt2 ); stradd(header, temp);}

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:434:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  {sprintf(temp, "CROTA2 = %11.6f", crota2 ); stradd(header, temp);}

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:437:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  {sprintf(temp, "CD1_1 = %11.6f", cd1_1 ); stradd(header, temp);}

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:440:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  {sprintf(temp, "CD1_2 = %11.6f", cd1_2 ); stradd(header, temp);}

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:443:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  {sprintf(temp, "CD2_1 = %11.6f", cd2_1 ); stradd(header, temp);}

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:446:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  {sprintf(temp, "CD2_2 = %11.6f", cd2_2 ); stradd(header, temp);}

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:448:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "EQUINOX = %d", equinox); stradd(header, temp);

data/montage-6.0+dfsg/util/BestImage/mBestImage.c:449:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "END" ); stradd(header, temp);

data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname [MAXSTR];

data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:59:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path [MAXSTR];

data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:60:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tblfile [MAXSTR];

data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:61:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char calfile [MAXSTR];

data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:63:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [MAXSTR];

data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:64:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [MAXSTR];

data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [32];

data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:102:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fstatus = fopen(optarg, "w+")) == (FILE *)NULL)

data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:155:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(calfile, "w+");

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_file [STRLEN];

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmptbl [STRLEN];

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [STRLEN];

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:70:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [STRLEN];

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:71:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ra [STRLEN];

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:72:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dec [STRLEN];

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:73:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char color [STRLEN];

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:80:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256];

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:101:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  yr = atoi(buffer);

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:104:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mo = atoi(buffer);

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:107:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  day = atoi(buffer);

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:110:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hr = atoi(buffer);

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:113:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  min = atoi(buffer);

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:116:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sec = atoi(buffer);

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:120:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmptbl, "/tmp/CalTbl_%04d.%02d.%02d_%02d.%02d.%02d_%06d",

data/montage-6.0+dfsg/util/Calibrate/mCalibrate.c:140:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(argv[2], "w+");

data/montage-6.0+dfsg/util/CatMap/mCatMap.c:129:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_file [MAXSTR];

data/montage-6.0+dfsg/util/CatMap/mCatMap.c:130:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colname [MAXSTR];

data/montage-6.0+dfsg/util/CatMap/mCatMap.c:131:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file [MAXSTR];

data/montage-6.0+dfsg/util/CatMap/mCatMap.c:132:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template_file[MAXSTR];
data/montage-6.0+dfsg/util/CatMap/mCatMap.c:168:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  width = atoi(optarg);
data/montage-6.0+dfsg/util/CatMap/mCatMap.c:743:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[MAXSTR];
data/montage-6.0+dfsg/util/CatMap/mCatMap.c:745:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *header[2];
data/montage-6.0+dfsg/util/CatMap/mCatMap.c:764:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(filename, "r");
data/montage-6.0+dfsg/util/CatMap/mCatMap.c:932:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output.naxes[0] = atoi(value);
data/montage-6.0+dfsg/util/CatMap/mCatMap.c:935:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  output.naxes[1] = atoi(value);
data/montage-6.0+dfsg/util/CatMap/mCatMap.c:950:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS], errmsg[FLEN_ERRMSG];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:53:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char base [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:54:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char server [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:55:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pserver [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:56:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char constraint [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:57:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char request [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:58:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:60:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input_file [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:61:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_file [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:63:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:64:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:66:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ra1 [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:67:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dec1 [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:68:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ra2 [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:69:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dec2 [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:70:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ra3 [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:71:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dec3 [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:72:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ra4 [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:73:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dec4 [STRLEN];
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:143:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(server, "irsa.ipac.caltech.edu");
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:147:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(base, "/cgi-bin/Gator/nph-query?");
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:151:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(output_file, "w+");
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:265:4: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length);
data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:369:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *port = atoi(portPtr);
data/montage-6.0+dfsg/util/Examine/mExamine.c:83:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char infile[1024];
data/montage-6.0+dfsg/util/Examine/mExamine.c:87:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char proj[32];
data/montage-6.0+dfsg/util/Examine/mExamine.c:89:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char csys_str[64];
data/montage-6.0+dfsg/util/Examine/mExamine.c:91:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype1[256];
data/montage-6.0+dfsg/util/Examine/mExamine.c:92:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype2[256];
data/montage-6.0+dfsg/util/Examine/mExamine.c:157:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/util/Examine/mExamine.c:370:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(csys_str, "EQUJ");
data/montage-6.0+dfsg/util/Examine/mExamine.c:376:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(csys_str, "EQUJ");
data/montage-6.0+dfsg/util/Examine/mExamine.c:382:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(csys_str, "EQUB");
data/montage-6.0+dfsg/util/Examine/mExamine.c:389:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(csys_str, "GAL");
data/montage-6.0+dfsg/util/Examine/mExamine.c:395:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(csys_str, "GAL");
data/montage-6.0+dfsg/util/Examine/mExamine.c:402:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(csys_str, "ECLJ");
data/montage-6.0+dfsg/util/Examine/mExamine.c:408:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(csys_str, "ECLB");
data/montage-6.0+dfsg/util/Examine/mExamine.c:1114:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  planes[count] = atoi(ptr);
data/montage-6.0+dfsg/util/Exec/mExec.c:68:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:76:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char astr[MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:77:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char bstr[MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:78:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cstr[MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:208:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fheader[28800];
data/montage-6.0+dfsg/util/Exec/mExec.c:211:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:212:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf [BUFSIZE];
data/montage-6.0+dfsg/util/Exec/mExec.c:213:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cwd [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:239:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:240:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname1 [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:241:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fname2 [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:242:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char diffname [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:243:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char areafile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:244:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char survey [3][MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:245:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hostName [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:247:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hdrfile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:248:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hdrtext [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:249:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outstr [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:250:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char savefile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:251:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char savetmp [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:252:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rawdir [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:253:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char datadir [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:254:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scale_str [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:255:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char debugFile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:256:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pngFile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:257:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char infoFile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:258:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char labelText [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:259:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char locText [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:260:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char contactText[MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:261:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char color [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:291:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char band [3][16];
data/montage-6.0+dfsg/util/Exec/mExec.c:295:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:296:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:297:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char infile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:298:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outfile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:299:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:300:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char goodFile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:302:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char locstr [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:303:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char radstr [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:305:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:306:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpfile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:306:11: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  char tmpfile [MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:307:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char workspace[3][MAXLEN];
data/montage-6.0+dfsg/util/Exec/mExec.c:357:11: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  strcpy(tmpfile, "");
data/montage-6.0+dfsg/util/Exec/mExec.c:377:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(rawdir, "raw");
data/montage-6.0+dfsg/util/Exec/mExec.c:401:24: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  finfo = fopen(infoFile, "w+");
data/montage-6.0+dfsg/util/Exec/mExec.c:440:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ntile = atoi(optarg);
data/montage-6.0+dfsg/util/Exec/mExec.c:444:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mtile = atoi(optarg);
data/montage-6.0+dfsg/util/Exec/mExec.c:456:20: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  strcpy(tmpfile, optarg);
data/montage-6.0+dfsg/util/Exec/mExec.c:537:14: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  if(strlen(tmpfile) > 0)
data/montage-6.0+dfsg/util/Exec/mExec.c:538:38: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  strcpy(savefile, filePath(cwd, tmpfile));
data/montage-6.0+dfsg/util/Exec/mExec.c:607:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(template, "MOSAIC_XXXXXX");
data/montage-6.0+dfsg/util/Exec/mExec.c:645:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fdebug = fopen(debugFile, "w+");
data/montage-6.0+dfsg/util/Exec/mExec.c:674:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(color, "gray");
data/montage-6.0+dfsg/util/Exec/mExec.c:678:28: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(iband == 0) strcpy(color, "Blue");
data/montage-6.0+dfsg/util/Exec/mExec.c:679:28: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(iband == 1) strcpy(color, "Red");
data/montage-6.0+dfsg/util/Exec/mExec.c:684:28: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(iband == 0) strcpy(color, "Blue");
data/montage-6.0+dfsg/util/Exec/mExec.c:685:28: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
if(iband == 1) strcpy(color, "Green"); data/montage-6.0+dfsg/util/Exec/mExec.c:686:28: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(iband == 2) strcpy(color, "Red"); data/montage-6.0+dfsg/util/Exec/mExec.c:701:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(hdrfile, "r" ); data/montage-6.0+dfsg/util/Exec/mExec.c:713:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(cmd, "w+"); data/montage-6.0+dfsg/util/Exec/mExec.c:753:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(cmd, "w+"); data/montage-6.0+dfsg/util/Exec/mExec.c:883:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fhdr = fopen("region.hdr", "r"); data/montage-6.0+dfsg/util/Exec/mExec.c:889:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
bhdr = fopen("big_region.hdr", "w+"); data/montage-6.0+dfsg/util/Exec/mExec.c:930:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ival = atoi(temp+9); data/montage-6.0+dfsg/util/Exec/mExec.c:936:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ival = atoi(temp+9); data/montage-6.0+dfsg/util/Exec/mExec.c:1101:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%dh%02dm%05.2fs -%dd%02dm%04.1fs J2000", rh, rm, rs, dd, dm, ds); data/montage-6.0+dfsg/util/Exec/mExec.c:1103:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%dh%02dm%05.2fs +%dd%02dm%04.1fs J2000", rh, rm, rs, dd, dm, ds); data/montage-6.0+dfsg/util/Exec/mExec.c:1108:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%dh%02dm%05.2fs -%dd%02dm%04.1fs J1950", rh, rm, rs, dd, dm, ds); data/montage-6.0+dfsg/util/Exec/mExec.c:1110:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(locstr, "%dh%02dm%05.2fs +%dd%02dm%04.1fs J1950", rh, rm, rs, dd, dm, ds); data/montage-6.0+dfsg/util/Exec/mExec.c:1116:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%dh%02dm%05.2fs -%dd%02dm%04.1fs B1950", rh, rm, rs, dd, dm, ds); data/montage-6.0+dfsg/util/Exec/mExec.c:1118:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%dh%02dm%05.2fs +%dd%02dm%04.1fs B1950", rh, rm, rs, dd, dm, ds); data/montage-6.0+dfsg/util/Exec/mExec.c:1124:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%dh%02dm%05.2fs -%dd%02dm%04.1fs B2000", rh, rm, rs, dd, dm, ds); data/montage-6.0+dfsg/util/Exec/mExec.c:1126:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%dh%02dm%05.2fs +%dd%02dm%04.1fs B2000", rh, rm, rs, dd, dm, ds); data/montage-6.0+dfsg/util/Exec/mExec.c:1131:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%.4f %.4f Galactic", xpos, ypos); data/montage-6.0+dfsg/util/Exec/mExec.c:1135:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%.4f %.4f Ecl J2000", xpos, ypos); data/montage-6.0+dfsg/util/Exec/mExec.c:1138:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(locstr, "%.4f %.4f Ecl J1950", xpos, ypos); data/montage-6.0+dfsg/util/Exec/mExec.c:1143:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%dh%02dm%05.2fs -%dd%02dm%04.1fs J2000", rh, rm, rs, dd, dm, ds); data/montage-6.0+dfsg/util/Exec/mExec.c:1145:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(locstr, "%dh%02dm%05.2fs +%dd%02dm%04.1fs J2000", rh, rm, rs, dd, dm, ds); data/montage-6.0+dfsg/util/Exec/mExec.c:1151:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(radstr, "%.2f", fabs(wcs->nxpix * wcs->xinc)); data/montage-6.0+dfsg/util/Exec/mExec.c:1247:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mCoverageCheck remote_big.tbl remote.tbl -header region.hdr"); data/montage-6.0+dfsg/util/Exec/mExec.c:1318:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mArchiveExec ../remote.tbl"); data/montage-6.0+dfsg/util/Exec/mExec.c:1355:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy( msg, "No data was available for the region specified at this time"); data/montage-6.0+dfsg/util/Exec/mExec.c:1403:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mImgtbl -c . rimages_full.tbl"); data/montage-6.0+dfsg/util/Exec/mExec.c:1453:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mCoverageCheck rimages_full.tbl rimages.tbl -header region.hdr"); data/montage-6.0+dfsg/util/Exec/mExec.c:1513:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mTANHdr big_region.hdr altout.hdr"); data/montage-6.0+dfsg/util/Exec/mExec.c:1610:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(datadir, "shrunken"); data/montage-6.0+dfsg/util/Exec/mExec.c:1669:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(outfile, ".fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:1672:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(scale_str, "1.0"); data/montage-6.0+dfsg/util/Exec/mExec.c:1700:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "Bad WCS in input image"); data/montage-6.0+dfsg/util/Exec/mExec.c:1731:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mTANHdr orig.hdr altin.hdr"); data/montage-6.0+dfsg/util/Exec/mExec.c:1859:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(msg, ": "); data/montage-6.0+dfsg/util/Exec/mExec.c:1865:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(msg, ": "); data/montage-6.0+dfsg/util/Exec/mExec.c:1949:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mImgtbl -c projected pimages.tbl"); data/montage-6.0+dfsg/util/Exec/mExec.c:1972:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mImgtbl -c projected pimages.tbl"); data/montage-6.0+dfsg/util/Exec/mExec.c:1997:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(cmd, "mOverlaps pimages.tbl diffs.tbl"); data/montage-6.0+dfsg/util/Exec/mExec.c:2087:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen("fits.tbl", "w+"); data/montage-6.0+dfsg/util/Exec/mExec.c:2099:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr1 = atoi(tval(icntr1)); data/montage-6.0+dfsg/util/Exec/mExec.c:2100:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr2 = atoi(tval(icntr2)); data/montage-6.0+dfsg/util/Exec/mExec.c:2192:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). xmin = atoi(svc_value("xmin")); data/montage-6.0+dfsg/util/Exec/mExec.c:2193:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
xmax = atoi(svc_value("xmax")); data/montage-6.0+dfsg/util/Exec/mExec.c:2194:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ymin = atoi(svc_value("ymin")); data/montage-6.0+dfsg/util/Exec/mExec.c:2195:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ymax = atoi(svc_value("ymax")); data/montage-6.0+dfsg/util/Exec/mExec.c:2219:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(areafile, "_area.fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:2256:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mBgModel -i 100000 -l -a pimages.tbl fits.tbl corrections.tbl"); data/montage-6.0+dfsg/util/Exec/mExec.c:2258:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mBgModel -i 100000 pimages.tbl fits.tbl corrections.tbl"); data/montage-6.0+dfsg/util/Exec/mExec.c:2386:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atoi(tval(iid)); data/montage-6.0+dfsg/util/Exec/mExec.c:2421:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cntr = atoi(tval(icntr)); data/montage-6.0+dfsg/util/Exec/mExec.c:2474:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(areafile, "_area.fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:2488:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(areafile, "_area.fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:2525:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mImgtbl -c corrected cimages.tbl"); data/montage-6.0+dfsg/util/Exec/mExec.c:2556:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mAdd -n -p corrected cimages.tbl region.hdr mosaic.fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:2558:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(cmd, "mAdd -p corrected cimages.tbl region.hdr mosaic.fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:2583:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mTileHdr region.hdr tmp/region_%d_%d.hdr %d %d %d %d 100 100", data/montage-6.0+dfsg/util/Exec/mExec.c:2603:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mCoverageCheck cimages.tbl tmp/cimages_%d_%d.tbl -f tmp/region_%d_%d.hdr", data/montage-6.0+dfsg/util/Exec/mExec.c:2623:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nmatches = atoi(svc_value("count")); data/montage-6.0+dfsg/util/Exec/mExec.c:2628:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mAdd -n -p corrected tmp/cimages_%d_%d.tbl tmp/region_%d_%d.hdr tiles/tile_%d_%d.fits", data/montage-6.0+dfsg/util/Exec/mExec.c:2631:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mAdd -p corrected tmp/cimages_%d_%d.tbl tmp/region_%d_%d.hdr tiles/tile_%d_%d.fits", data/montage-6.0+dfsg/util/Exec/mExec.c:2654:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(cmd, "tmp/region_%d_%d.hdr", i, j); data/montage-6.0+dfsg/util/Exec/mExec.c:2657:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "tmp/cimages_%d_%d.tbl", i, j); data/montage-6.0+dfsg/util/Exec/mExec.c:2663:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mImgtbl -c tiles timages.tbl"); data/montage-6.0+dfsg/util/Exec/mExec.c:2684:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mAdd -n -p tiles timages.tbl region.hdr mosaic.fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:2686:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mAdd -p tiles timages.tbl region.hdr mosaic.fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:2709:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "rm -rf tiles/*_area.fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:2753:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen("mosaic.fits", "r" ); data/montage-6.0+dfsg/util/Exec/mExec.c:2757:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(msg, "Can't open mosaic file: [mosaic.fits]"); data/montage-6.0+dfsg/util/Exec/mExec.c:2762:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fsave = fopen( savetmp, "w+"); data/montage-6.0+dfsg/util/Exec/mExec.c:2812:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "Need column 'fname' in input"); data/montage-6.0+dfsg/util/Exec/mExec.c:2834:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(areafile, "_area.fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:2872:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(msg, "Need column 'fname' in input"); data/montage-6.0+dfsg/util/Exec/mExec.c:2894:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(areafile, "_area.fits"); data/montage-6.0+dfsg/util/Exec/mExec.c:2922:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(cmd, "rm -rf shrunken/*"); data/montage-6.0+dfsg/util/Exec/mExec.c:2937:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "rm -rf corrected"); data/montage-6.0+dfsg/util/Exec/mExec.c:2975:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mViewer -saturate 255 -ct 1 -mark %.6f %.6f eq J2000 7 red -gray mosaic.fits -2s max gaussian-log -out mosaic.png", data/montage-6.0+dfsg/util/Exec/mExec.c:2978:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cmd, "mViewer -saturate 255 -ct 1 -gray mosaic.fits -2s max gaussian-log -out mosaic.png"); data/montage-6.0+dfsg/util/Exec/mExec.c:3042:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fhtml = fopen("index.html", "w+"); data/montage-6.0+dfsg/util/Exec/mExec.c:3356:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:35:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char input_file [MAXSTR]; data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:36:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:105:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:586:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR]; data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:648:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/util/Hdr/mHdr.c:51:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXLEN]; data/montage-6.0+dfsg/util/Hdr/mHdr.c:52:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request [MAXLEN]; data/montage-6.0+dfsg/util/Hdr/mHdr.c:53:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base [MAXLEN]; data/montage-6.0+dfsg/util/Hdr/mHdr.c:54:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char constraint[MAXLEN]; data/montage-6.0+dfsg/util/Hdr/mHdr.c:55:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char server [MAXLEN]; data/montage-6.0+dfsg/util/Hdr/mHdr.c:56:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile [MAXLEN]; data/montage-6.0+dfsg/util/Hdr/mHdr.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bandStr [MAXLEN]; data/montage-6.0+dfsg/util/Hdr/mHdr.c:58:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char band2MASS [MAXLEN];
data/montage-6.0+dfsg/util/Hdr/mHdr.c:63:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char heightstr [MAXLEN];
data/montage-6.0+dfsg/util/Hdr/mHdr.c:64:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sysstr [MAXLEN];
data/montage-6.0+dfsg/util/Hdr/mHdr.c:65:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char equistr [MAXLEN];
data/montage-6.0+dfsg/util/Hdr/mHdr.c:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resstr [MAXLEN];
data/montage-6.0+dfsg/util/Hdr/mHdr.c:67:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rotstr [MAXLEN];
data/montage-6.0+dfsg/util/Hdr/mHdr.c:72:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pserver [MAXLEN];
data/montage-6.0+dfsg/util/Hdr/mHdr.c:140:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(server, "irsa.ipac.caltech.edu");
data/montage-6.0+dfsg/util/Hdr/mHdr.c:144:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(base, "/cgi-bin/HdrTemplate/nph-hdr?");
data/montage-6.0+dfsg/util/Hdr/mHdr.c:156:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(constraint, "&height=");
data/montage-6.0+dfsg/util/Hdr/mHdr.c:162:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(constraint, "&system=");
data/montage-6.0+dfsg/util/Hdr/mHdr.c:168:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(constraint, "&equinox=");
data/montage-6.0+dfsg/util/Hdr/mHdr.c:174:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(constraint, "&resolution=");
data/montage-6.0+dfsg/util/Hdr/mHdr.c:180:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(constraint, "&rotation=");
data/montage-6.0+dfsg/util/Hdr/mHdr.c:186:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(constraint, "&band=");
data/montage-6.0+dfsg/util/Hdr/mHdr.c:190:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(outfile, "w+");
data/montage-6.0+dfsg/util/Hdr/mHdr.c:312:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy(host->h_addr_list[0], &sin.sin_addr, host->h_length);
data/montage-6.0+dfsg/util/Hdr/mHdr.c:461:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *port = atoi(portPtr);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:180:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statusfile[1024];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:181:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grayfile [1024];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:182:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redfile [1024];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:183:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenfile [1024];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:184:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluefile [1024];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:185:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jpegfile [1024];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:187:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grayminstr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:188:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graymaxstr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:189:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graybetastr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:190:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redminstr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:191:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redmaxstr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:192:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redbetastr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:193:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenminstr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:194:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenmaxstr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:195:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenbetastr[256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:196:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueminstr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:197:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluemaxstr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:198:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluebetastr [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:200:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sysstring [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:201:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char epochstring[256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:202:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colorstring[256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:203:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colorelem [3];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:272:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:366:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). marksize[nmark] = atoi(argv[i+5]);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:498:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(statusfile, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:552:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(graybetastr, "2s");
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:639:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(redbetastr, "2s");
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:727:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(greenbetastr, "2s");
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:814:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(bluebetastr, "2s");
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:875:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). jpegfp = fopen(jpegfile, "w+");
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2620:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[4096];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2621:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hline [256];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2625:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "SIMPLE = T"); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2626:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "NAXIS = 2"); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2627:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "NAXIS1 = %d", naxis1); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2628:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "NAXIS2 = %d", naxis2); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2629:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CTYPE1 = 'RA---TAN'"); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2630:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CTYPE2 = 'DEC--TAN'"); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2631:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CDELT1 = 0.000001"); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2632:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CDELT2 = 0.000001"); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2633:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRVAL1 = 0."); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2634:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRVAL2 = 0."); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2635:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRPIX1 = %.2f", (naxis1 + 1.)/2.); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2636:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRPIX2 = %.2f", (naxis2 + 1.)/2.); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2637:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CROTA2 = 0."); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2638:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "END"); stradd(header, hline);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2763:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hdu = atoi(ptr);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2784:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3201:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valstr[1024];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3592:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[81];
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3614:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "NAXIS1 = %d", naxis1);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3617:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "NAXIS2 = %d", naxis2);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3620:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "CRPIX1 = %15.10f", crpix1);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3623:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "CRPIX2 = %15.10f", crpix2);
data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3664:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(comment, "END\n");
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:85:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char regionTypeStr[4][32] = {"POINT", "CONE", "BOX"};
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:103:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:104:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:203:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refNames [32768];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:204:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refTypes [32768];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:205:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refNulls [32768];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:206:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refUnits [32768];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:207:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refBlank [32768];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:208:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblBlank [32768];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:209:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out_string[32768];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:336:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proj [16];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:337:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:338:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:339:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:340:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:341:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char summary [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:342:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outstr [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:343:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char setName [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:344:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char basefile [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:345:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char memfile [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:346:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infofile [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:347:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reorg [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:348:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldname [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:349:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char codename [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:350:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char countfile[MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:351:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:352:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char singleId [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:353:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmt [MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:356:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bigstr [BIGSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:399:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[256];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:400:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[256];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:443:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAXSTR];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:446:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cmdv[128];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:452:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpHeader[1600];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:453:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[80];
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:545:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). refresh = atoi(optarg);
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:671:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infofile, ".info");
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:673:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finfo = fopen(infofile, "r");
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:715:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nset = atoi(val);
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:727:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maxlev = atoi(val);
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:749:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".set");
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:752:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdset = open(memfile, O_RDONLY);
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:792:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(set[0].name, "single_catalog");
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:832:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".rec");
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:835:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdrec = open(memfile, O_RDONLY);
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:858:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".rti");
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:893:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(set[0].name, "single_catalog");
data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:975:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
strcat(infofile, ".info"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:977:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finfo = fopen(infofile, "w+"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:996:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".set"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1000:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdset = open(memfile, O_RDWR | O_CREAT | O_TRUNC, 0664); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1072:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infofile, ".info"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1074:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finfo = fopen(infofile, "w+"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1093:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".set"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1097:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdset = open(memfile, O_RDWR | O_CREAT | O_TRUNC, 0664); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1134:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(set[0].name, "single_catalog"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1223:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".rti"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1264:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".rec"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1267:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fdrec = open(memfile, O_RDWR | O_CREAT | O_TRUNC, 0664); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1277:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == EACCES) strcpy(codename, "EACCES"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1278:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == EAGAIN) strcpy(codename, "EAGAIN"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1279:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == EBADF) strcpy(codename, "EBADF"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1280:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == EINVAL) strcpy(codename, "EINVAL"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1281:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
if(errno == EMFILE) strcpy(codename, "EMFILE"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1282:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == ENODEV) strcpy(codename, "ENODEV"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1283:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == ENOMEM) strcpy(codename, "ENOMEM"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1284:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == ENOTSUP) strcpy(codename, "ENOTSUP"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1285:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == ENXIO) strcpy(codename, "ENXIO"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1286:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == EOVERFLOW) strcpy(codename, "EOVERFLOW"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1560:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). equinox = atoi(tval(iequinox)); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1565:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nl = atoi(tval(inl)); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1566:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ns = atoi(tval(ins)); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1647:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1648:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1649:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "NAXIS = 2" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1650:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", ns ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1651:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", nl ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1654:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %14.9f", crval1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1655:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %14.9f", crval2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1656:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %14.9f", crpix1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1657:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %14.9f", crpix2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1658:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %14.9f", cdelt1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1659:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %14.9f", cdelt2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1660:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = %14.9f", crota2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1661:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", equinox); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1662:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2027:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(reorg, ".rti.new"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2029:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). newfile = open(reorg, O_RDWR | O_CREAT | O_TRUNC, 0664); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2047:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(countfile, ".counts"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2049:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdcnt = open(countfile, O_RDWR | O_CREAT | O_TRUNC, 0664); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2073:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infofile, ".info.new"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2075:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
finfo = fopen(infofile, "w+"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2097:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(oldname, ".rti"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2104:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(oldname, ".info"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2213:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dumpcount = atoi(cmdv[1]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2277:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rdebug = atoi(cmdv[1]); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2525:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fsum = fopen(summary, "w+"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2971:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmt, " %%%lds %%10ld \n", ilen); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3064:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fsum = fopen(summary, "w+"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3099:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fmt, " %%%lds %%10ld \n", ilen); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3206:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(setName, "single_catalog"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3233:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fsum = fopen(summary, "w+"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3333:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(setName, "single_catalog"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3359:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fref = fopen(tblfile, "r"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3368:24: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). reffd = open(tblfile, O_RDONLY); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3411:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fsum = fopen(summary, "w+"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:4148:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refRec[BIGSTR]; data/montage-6.0+dfsg/util/MovingTarget/rtree/index.c:300:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char indentStr[1024]; data/montage-6.0+dfsg/util/MovingTarget/rtree/index.c:433:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char indentStr[1024]; data/montage-6.0+dfsg/util/MovingTarget/rtree/mfmalloc.c:27:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fname, O_RDONLY); data/montage-6.0+dfsg/util/MovingTarget/rtree/mfmalloc.c:33:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(fname, O_RDWR | O_CREAT | O_TRUNC, 0664); data/montage-6.0+dfsg/util/Pad/mPad.c:26:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR]; data/montage-6.0+dfsg/util/Pad/mPad.c:27:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file [MAXSTR]; data/montage-6.0+dfsg/util/Pad/mPad.c:78:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char histfile [1024]; data/montage-6.0+dfsg/util/Pad/mPad.c:79:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [1024]; data/montage-6.0+dfsg/util/Pad/mPad.c:80:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label [1024]; data/montage-6.0+dfsg/util/Pad/mPad.c:82:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datavalStr[256][1024]; data/montage-6.0+dfsg/util/Pad/mPad.c:95:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/util/Pad/mPad.c:230:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). left = atoi(argv[2]); data/montage-6.0+dfsg/util/Pad/mPad.c:231:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). right = atoi(argv[3]); data/montage-6.0+dfsg/util/Pad/mPad.c:232:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). top = atoi(argv[4]); data/montage-6.0+dfsg/util/Pad/mPad.c:233:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bottom = atoi(argv[5]); data/montage-6.0+dfsg/util/Pad/mPad.c:254:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fhist = fopen(histfile, "r"); data/montage-6.0+dfsg/util/Pad/mPad.c:673:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR]; data/montage-6.0+dfsg/util/Pad/mPad.c:749:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/util/Pix2Coord/mFixHdr.c:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infile[1024]; data/montage-6.0+dfsg/util/Pix2Coord/mFixHdr.c:32:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile[1024]; data/montage-6.0+dfsg/util/Pix2Coord/mFixHdr.c:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [128]; data/montage-6.0+dfsg/util/Pix2Coord/mFixHdr.c:49:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(infile, "r"); data/montage-6.0+dfsg/util/Pix2Coord/mFixHdr.c:57:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(outfile, "w+"); data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:63:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpl[MAXSTR]; data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:64:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char native_csys[MAXSTR]; data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:93:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hdu = atoi(optarg); data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:161:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(native_csys, "eq J2000"); data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:169:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(native_csys, "eq J2000"); data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:178:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(native_csys, "eq B 1950"); data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:189:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(native_csys, "gal"); data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:199:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(native_csys, "gal"); data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:211:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(native_csys, "ec J2000"); data/montage-6.0+dfsg/util/Pix2Coord/mPix2Coord.c:220:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(native_csys, "ec B1950"); data/montage-6.0+dfsg/util/Rotate/mRotate.c:31:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_file [MAXSTR]; data/montage-6.0+dfsg/util/Rotate/mRotate.c:32:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char output_file[MAXSTR]; data/montage-6.0+dfsg/util/Rotate/mRotate.c:125:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/util/Rotate/mRotate.c:156:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(argv[i+1], "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/util/Rotate/mRotate.c:949:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errstr[MAXSTR]; data/montage-6.0+dfsg/util/Rotate/mRotate.c:1093:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/util/Search/mSearch.c:71:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char regionTypeStr[4][32] = {"POINT", "CONE", "BOX"}; data/montage-6.0+dfsg/util/Search/mSearch.c:88:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:89:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:188:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refNames [32768]; data/montage-6.0+dfsg/util/Search/mSearch.c:189:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refTypes [32768]; data/montage-6.0+dfsg/util/Search/mSearch.c:190:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refNulls [32768]; data/montage-6.0+dfsg/util/Search/mSearch.c:191:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refUnits [32768]; data/montage-6.0+dfsg/util/Search/mSearch.c:192:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refBlank [32768]; data/montage-6.0+dfsg/util/Search/mSearch.c:193:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblBlank [32768]; data/montage-6.0+dfsg/util/Search/mSearch.c:194:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out_string[32768]; data/montage-6.0+dfsg/util/Search/mSearch.c:305:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proj [16]; data/montage-6.0+dfsg/util/Search/mSearch.c:306:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char infile [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:307:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:308:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:309:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:310:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char summary [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:311:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outstr [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:312:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char setName [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:313:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char basefile [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:314:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char memfile [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:315:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infofile [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:316:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reorg [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:317:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char oldname [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:318:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char codename [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:319:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char countfile[MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:320:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:321:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char singleId [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:322:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmt [MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:325:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bigstr [BIGSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:368:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype1[256]; data/montage-6.0+dfsg/util/Search/mSearch.c:369:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctype2[256]; data/montage-6.0+dfsg/util/Search/mSearch.c:403:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAXSTR]; data/montage-6.0+dfsg/util/Search/mSearch.c:406:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cmdv[128]; data/montage-6.0+dfsg/util/Search/mSearch.c:412:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tmpHeader[1600]; data/montage-6.0+dfsg/util/Search/mSearch.c:413:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[80]; data/montage-6.0+dfsg/util/Search/mSearch.c:484:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). refresh = atoi(optarg); data/montage-6.0+dfsg/util/Search/mSearch.c:583:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infofile, ".info"); data/montage-6.0+dfsg/util/Search/mSearch.c:585:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finfo = fopen(infofile, "r"); data/montage-6.0+dfsg/util/Search/mSearch.c:627:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nset = atoi(val); data/montage-6.0+dfsg/util/Search/mSearch.c:639:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maxlev = atoi(val); data/montage-6.0+dfsg/util/Search/mSearch.c:661:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".set"); data/montage-6.0+dfsg/util/Search/mSearch.c:664:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdset = open(memfile, O_RDONLY); data/montage-6.0+dfsg/util/Search/mSearch.c:704:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(set[0].name, "single_catalog"); data/montage-6.0+dfsg/util/Search/mSearch.c:733:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".rec"); data/montage-6.0+dfsg/util/Search/mSearch.c:736:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fdrec = open(memfile, O_RDONLY); data/montage-6.0+dfsg/util/Search/mSearch.c:759:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".rti"); data/montage-6.0+dfsg/util/Search/mSearch.c:794:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(set[0].name, "single_catalog"); data/montage-6.0+dfsg/util/Search/mSearch.c:891:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infofile, ".info"); data/montage-6.0+dfsg/util/Search/mSearch.c:893:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finfo = fopen(infofile, "w+"); data/montage-6.0+dfsg/util/Search/mSearch.c:912:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(memfile, ".set"); data/montage-6.0+dfsg/util/Search/mSearch.c:916:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdset = open(memfile, O_RDWR | O_CREAT | O_TRUNC, 0664); data/montage-6.0+dfsg/util/Search/mSearch.c:988:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(infofile, ".info"); data/montage-6.0+dfsg/util/Search/mSearch.c:990:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). finfo = fopen(infofile, "w+"); data/montage-6.0+dfsg/util/Search/mSearch.c:1009:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".set"); data/montage-6.0+dfsg/util/Search/mSearch.c:1013:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdset = open(memfile, O_RDWR | O_CREAT | O_TRUNC, 0664); data/montage-6.0+dfsg/util/Search/mSearch.c:1050:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(set[0].name, "single_catalog"); data/montage-6.0+dfsg/util/Search/mSearch.c:1141:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".rti"); data/montage-6.0+dfsg/util/Search/mSearch.c:1182:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(memfile, ".rec"); data/montage-6.0+dfsg/util/Search/mSearch.c:1185:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdrec = open(memfile, O_RDWR | O_CREAT | O_TRUNC, 0664); data/montage-6.0+dfsg/util/Search/mSearch.c:1195:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == EACCES) strcpy(codename, "EACCES"); data/montage-6.0+dfsg/util/Search/mSearch.c:1196:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
if(errno == EAGAIN) strcpy(codename, "EAGAIN"); data/montage-6.0+dfsg/util/Search/mSearch.c:1197:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == EBADF) strcpy(codename, "EBADF"); data/montage-6.0+dfsg/util/Search/mSearch.c:1198:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == EINVAL) strcpy(codename, "EINVAL"); data/montage-6.0+dfsg/util/Search/mSearch.c:1199:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == EMFILE) strcpy(codename, "EMFILE"); data/montage-6.0+dfsg/util/Search/mSearch.c:1200:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == ENODEV) strcpy(codename, "ENODEV"); data/montage-6.0+dfsg/util/Search/mSearch.c:1201:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == ENOMEM) strcpy(codename, "ENOMEM"); data/montage-6.0+dfsg/util/Search/mSearch.c:1202:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == ENOTSUP) strcpy(codename, "ENOTSUP"); data/montage-6.0+dfsg/util/Search/mSearch.c:1203:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == ENXIO) strcpy(codename, "ENXIO"); data/montage-6.0+dfsg/util/Search/mSearch.c:1204:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(errno == EOVERFLOW) strcpy(codename, "EOVERFLOW"); data/montage-6.0+dfsg/util/Search/mSearch.c:1406:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). equinox = atoi(tval(iequinox)); data/montage-6.0+dfsg/util/Search/mSearch.c:1411:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nl = atoi(tval(inl)); data/montage-6.0+dfsg/util/Search/mSearch.c:1412:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
ns = atoi(tval(ins)); data/montage-6.0+dfsg/util/Search/mSearch.c:1493:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1494:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1495:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1496:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", ns ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1497:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", nl ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1500:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL1 = %14.9f", crval1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1501:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CRVAL2 = %14.9f", crval2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1502:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %14.9f", crpix1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1503:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %14.9f", crpix2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1504:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %14.9f", cdelt1 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1505:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %14.9f", cdelt2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1506:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = %14.9f", crota2 ); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1507:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", equinox); stradd(tmpHeader, temp); data/montage-6.0+dfsg/util/Search/mSearch.c:1508:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
  Risk is low because the source has a constant maximum length.
  sprintf(temp, "END" ); stradd(tmpHeader, temp);
data/montage-6.0+dfsg/util/Search/mSearch.c:1869:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(reorg, ".rti.new");
data/montage-6.0+dfsg/util/Search/mSearch.c:1871:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  newfile = open(reorg, O_RDWR | O_CREAT | O_TRUNC, 0664);
data/montage-6.0+dfsg/util/Search/mSearch.c:1917:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(infofile, ".info.new");
data/montage-6.0+dfsg/util/Search/mSearch.c:1919:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  finfo = fopen(infofile, "w+");
data/montage-6.0+dfsg/util/Search/mSearch.c:1941:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(oldname, ".rti");
data/montage-6.0+dfsg/util/Search/mSearch.c:1948:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(oldname, ".info");
data/montage-6.0+dfsg/util/Search/mSearch.c:2057:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dumpcount = atoi(cmdv[1]);
data/montage-6.0+dfsg/util/Search/mSearch.c:2128:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  rdebug = atoi(cmdv[1]);
data/montage-6.0+dfsg/util/Search/mSearch.c:2323:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fsum = fopen(summary, "w+");
data/montage-6.0+dfsg/util/Search/mSearch.c:2705:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmt, " %%%lds %%10ld \n", ilen);
data/montage-6.0+dfsg/util/Search/mSearch.c:2800:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fsum = fopen(summary, "w+");
data/montage-6.0+dfsg/util/Search/mSearch.c:2835:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(fmt, " %%%lds %%10ld \n", ilen);
data/montage-6.0+dfsg/util/Search/mSearch.c:2944:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(setName, "single_catalog");
data/montage-6.0+dfsg/util/Search/mSearch.c:2971:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fsum = fopen(summary, "w+");
data/montage-6.0+dfsg/util/Search/mSearch.c:3074:13: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(setName, "single_catalog");
data/montage-6.0+dfsg/util/Search/mSearch.c:3100:23: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fref = fopen(tblfile, "r");
data/montage-6.0+dfsg/util/Search/mSearch.c:3109:24: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  reffd = open(tblfile, O_RDONLY);
data/montage-6.0+dfsg/util/Search/mSearch.c:3154:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fsum = fopen(summary, "w+");
data/montage-6.0+dfsg/util/Search/mSearch.c:3786:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char refRec[BIGSTR];
data/montage-6.0+dfsg/util/Search/rtree/index.c:323:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char indentStr[1024];
data/montage-6.0+dfsg/util/Search/rtree/index.c:456:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char indentStr[1024];
data/montage-6.0+dfsg/util/Search/rtree/mfmalloc.c:27:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(fname, O_RDONLY);
data/montage-6.0+dfsg/util/Search/rtree/mfmalloc.c:33:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(fname, O_RDWR | O_CREAT | O_TRUNC, 0664);
data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:60:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char itmpl[MAXSTR];
data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:61:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char otmpl[MAXSTR];
data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:88:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  scale = atoi(optarg);
data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:109:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(otmpl, "w+");
data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:200:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[MAXSTR];
data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:201:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header[80000];
data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:203:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(template, "r");
data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:291:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[81];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:50:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char msg [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:51:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char template [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:52:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tblfile [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:53:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char workspace[MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:54:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hdrFile [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:55:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sizestr [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:56:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char survey [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:57:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char band [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:58:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char directory[MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:59:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:60:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cwd [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:61:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:62:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:64:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rastr [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:65:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char decstr [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:66:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char namestr [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:67:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char locstr [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:68:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lblstr [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:69:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirstr [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:70:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outfile [MAXLEN];
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:144:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(template, "MOSAICS_XXXXXX");
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:170:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(template, "/tmp/HDR_XXXXXX");
data/montage-6.0+dfsg/util/TblExec/mTblExec.c:175:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outtbl = fopen(outfile, "w+");
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:32:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inputFile [STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:33:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outputFile[STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:83:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char card [STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:84:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newcard [STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:85:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char keyname [STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:86:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value [STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:87:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comment [STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:88:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errstr [STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:89:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char statfile[STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:104:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c[8];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:267:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((fstatus = fopen(statfile, "w+")) == (FILE *)NULL)
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:613:13: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errstr, "Error writing card %d.", keynum);
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:725:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype[4][16];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:730:15: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(status) strcpy(ctype[0], "NONE");
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:735:15: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(status) strcpy(ctype[1], "NONE");
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:740:15: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(status) strcpy(ctype[2], "NONE");
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:745:15: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if(status) strcpy(ctype[3], "NONE");
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:809:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *wcs[9] = { "NAXISn", "CRVALn", "CRPIXn",
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:819:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char retstr[STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:821:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wcskey[STRLEN];
data/montage-6.0+dfsg/util/Transpose/mTranspose.c:915:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status_str[FLEN_STATUS];
data/montage-6.0+dfsg/util/Viewer/grid.c:135:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lon_lab[8][32];
data/montage-6.0+dfsg/util/Viewer/grid.c:136:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lat_lab[8][32];
data/montage-6.0+dfsg/util/Viewer/grid.c:904:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dstr[16];
data/montage-6.0+dfsg/util/Viewer/grid.c:905:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mstr[16];
data/montage-6.0+dfsg/util/Viewer/grid.c:906:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sstr[16];
data/montage-6.0+dfsg/util/Viewer/grid.c:909:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char label[32];
data/montage-6.0+dfsg/util/Viewer/grid.c:923:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(dstr, "%d", ideg);
data/montage-6.0+dfsg/util/Viewer/grid.c:928:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mstr, "%02d", imin);
data/montage-6.0+dfsg/util/Viewer/grid.c:932:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(sstr, "%05.2f", val);
data/montage-6.0+dfsg/util/Viewer/grid.c:936:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(sstr, "00.00");
data/montage-6.0+dfsg/util/Viewer/grid.c:938:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mstr, "%02d", imin);
data/montage-6.0+dfsg/util/Viewer/grid.c:943:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(mstr, "00");
data/montage-6.0+dfsg/util/Viewer/grid.c:945:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(dstr, "%d", ideg);
data/montage-6.0+dfsg/util/Viewer/grid.c:985:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(label, " 00m");
data/montage-6.0+dfsg/util/Viewer/grid.c:1011:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hstr[16];
data/montage-6.0+dfsg/util/Viewer/grid.c:1012:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mstr[16];
data/montage-6.0+dfsg/util/Viewer/grid.c:1013:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sstr[16];
data/montage-6.0+dfsg/util/Viewer/grid.c:1016:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char label[32];
data/montage-6.0+dfsg/util/Viewer/grid.c:1026:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(hstr, "%d", ihr);
data/montage-6.0+dfsg/util/Viewer/grid.c:1031:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mstr, "%02d", imin);
data/montage-6.0+dfsg/util/Viewer/grid.c:1035:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(sstr, "%05.2f", val);
data/montage-6.0+dfsg/util/Viewer/grid.c:1039:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
Risk is low because the source is a constant string. strcpy(sstr, "00.00"); data/montage-6.0+dfsg/util/Viewer/grid.c:1041:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mstr, "%02d", imin); data/montage-6.0+dfsg/util/Viewer/grid.c:1046:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(sstr, "00"); data/montage-6.0+dfsg/util/Viewer/grid.c:1048:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hstr, "%d", ihr); data/montage-6.0+dfsg/util/Viewer/grid.c:1087:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(label, " 00m"); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:61:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char histfile [1024]; data/montage-6.0+dfsg/util/Viewer/mHistogram.c:105:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char grayfile [1024]; data/montage-6.0+dfsg/util/Viewer/mHistogram.c:107:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grayminstr [256]; data/montage-6.0+dfsg/util/Viewer/mHistogram.c:108:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graymaxstr [256]; data/montage-6.0+dfsg/util/Viewer/mHistogram.c:109:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graybetastr [256]; data/montage-6.0+dfsg/util/Viewer/mHistogram.c:139:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/util/Viewer/mHistogram.c:219:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(graybetastr, "2s"); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:310:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(histfile, "w+"); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:465:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). planes[count] = atoi(ptr); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:483:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/util/Viewer/mHistogram.c:628:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valstr[1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:166:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fontfile[1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:299:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file[MAXSTR]; // File name data/montage-6.0+dfsg/util/Viewer/mViewer.c:305:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colorColumn[MAXSTR]; // Override color column (content e.g. 'red' or "ff00a0") data/montage-6.0+dfsg/util/Viewer/mViewer.c:313:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symSizeColumn [MAXSTR]; // Override symbol column (content e.g. '20s diamond') data/montage-6.0+dfsg/util/Viewer/mViewer.c:314:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symShapeColumn[MAXSTR]; // Override symbol column (content e.g. '20s diamond') data/montage-6.0+dfsg/util/Viewer/mViewer.c:318:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scaleColumn[MAXSTR]; // Column for data-scaled symbols data/montage-6.0+dfsg/util/Viewer/mViewer.c:320:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labelColumn[MAXSTR]; // Column containing label string data/montage-6.0+dfsg/util/Viewer/mViewer.c:333:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAXSTR]; // Label text data/montage-6.0+dfsg/util/Viewer/mViewer.c:375:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symSizeColumn [MAXSTR]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:376:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symShapeColumn[MAXSTR]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:377:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scaleColumn [MAXSTR]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:378:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char labelColumn [MAXSTR]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:379:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colorColumn [MAXSTR]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:420:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char im_ctype1[16]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:421:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char im_ctype2[16]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:432:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char im_header[1600]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:433:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[80]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:476:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char statusfile [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:477:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grayfile [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:478:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redfile [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:479:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenfile [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:480:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluefile [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:481:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char jpegfile [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:482:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pngfile [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:484:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grayhistfile [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:485:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redhistfile [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:486:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenhistfile[1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:487:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluehistfile [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:490:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grayminstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:491:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graymaxstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:492:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char graybetastr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:493:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redminstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:494:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redmaxstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:495:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char redbetastr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:496:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenminstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:497:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenmaxstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:498:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenbetastr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:499:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueminstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:500:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluemaxstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:501:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluebetastr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:502:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colorstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:503:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symbolstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:504:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labelstr [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:574:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bunit[256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:599:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:624:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fontfile, "FreeSans.ttf"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:886:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. || strstr(argv[i+2], "p") != (char *)NULL) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1284:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. || strstr(argv[i+2], "p") != (char *)NULL) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1387:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((fstatus = fopen(statusfile, "w+")) == (FILE *)NULL) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1463:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(graybetastr, "2s"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1588:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(redbetastr, "2s"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1712:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(greenbetastr, "2s"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1836:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(bluebetastr, "2s"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1926:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). jpegfp = fopen(jpegfile, "w+"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4296:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). im_naxis1 = atoi(tval(ins)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4297:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). im_naxis2 = atoi(tval(inl)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4308:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). im_equinox = atoi(tval(iequinox)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4311:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "SIMPLE = T" ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4312:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "BITPIX = -64" ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4313:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS = 2" ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4314:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS1 = %d", im_naxis1 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4315:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "NAXIS2 = %d", im_naxis2 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4318:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(temp, "CRVAL1 = %11.6f", im_crval1 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4319:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRVAL2 = %11.6f", im_crval2 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4320:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX1 = %11.6f", im_crpix1 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4321:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CRPIX2 = %11.6f", im_crpix2 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4322:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT1 = %14.9f", im_cdelt1 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4323:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CDELT2 = %14.9f", im_cdelt2 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4324:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "CROTA2 = %11.6f", im_crota2 ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4325:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(temp, "EQUINOX = %d", im_equinox); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4326:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "END" ); stradd(im_header, temp); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4556:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cmdv[256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:4693:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colorstr[MAXSTR]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:4826:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header[4096]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:4827:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hline [256]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:4831:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(hline, "SIMPLE = T"); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4832:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "NAXIS = 2"); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4833:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "NAXIS1 = %d", naxis1); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4834:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "NAXIS2 = %d", naxis2); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4835:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CTYPE1 = 'RA---TAN'"); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4836:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CTYPE2 = 'DEC--TAN'"); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4837:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CDELT1 = 0.000001"); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4838:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(hline, "CDELT2 = 0.000001"); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4839:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRVAL1 = 0."); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4840:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRVAL2 = 0."); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4841:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRPIX1 = %.2f", (naxis1 + 1.)/2.); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4842:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CRPIX2 = %.2f", (naxis2 + 1.)/2.); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4843:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "CROTA2 = 0."); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4844:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hline, "END"); stradd(header, hline); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4945:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). planes[count] = atoi(ptr); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4963:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status_str[FLEN_STATUS]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:5383:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char valstr[1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:5666:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line [1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:5667:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:5669:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fhist = fopen(histfile, "r"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5830:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[81]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:5852:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "NAXIS1 = %d", naxis1); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5855:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "NAXIS2 = %d", naxis2); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5858:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "CRPIX1 = %15.10f", crpix1); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5861:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "CRPIX2 = %15.10f", crpix2); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5902:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(comment, "END\n"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5921:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:5929:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char proj[64]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:5930:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csys[64]; data/montage-6.0+dfsg/util/Viewer/mViewer.c:5933:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(wcs->prjcode == WCS_PIX) strcpy(proj, "PIX"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5934:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_LIN) strcpy(proj, "LIN"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5935:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(wcs->prjcode == WCS_AZP) strcpy(proj, "AZP"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5936:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_SZP) strcpy(proj, "SZP"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5937:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_TAN) strcpy(proj, "TAN"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5938:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_SIN) strcpy(proj, "SIN"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5939:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_STG) strcpy(proj, "STG"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5940:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_ARC) strcpy(proj, "ARC"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5941:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_ZPN) strcpy(proj, "ZPN"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5942:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_ZEA) strcpy(proj, "ZEA"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5943:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_AIR) strcpy(proj, "AIR"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5944:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_CYP) strcpy(proj, "CYP"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5945:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_CAR) strcpy(proj, "CAR"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5946:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(wcs->prjcode == WCS_MER) strcpy(proj, "MER"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5947:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_CEA) strcpy(proj, "CEA"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5948:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_COP) strcpy(proj, "COP"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5949:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_COD) strcpy(proj, "COD"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5950:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_COE) strcpy(proj, "COE"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5951:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_COO) strcpy(proj, "COO"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5952:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_BON) strcpy(proj, "BON"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5953:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_PCO) strcpy(proj, "PCO"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5954:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_SFL) strcpy(proj, "SFL"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5955:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_PAR) strcpy(proj, "PAR"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5956:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_AIT) strcpy(proj, "AIT"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5957:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(wcs->prjcode == WCS_MOL) strcpy(proj, "MOL"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5958:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_CSC) strcpy(proj, "CSC"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5959:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_QSC) strcpy(proj, "QSC"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5960:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_TSC) strcpy(proj, "TSC"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5961:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_NCP) strcpy(proj, "NCP"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5962:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_GLS) strcpy(proj, "GLS"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5963:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_DSS) strcpy(proj, "DSS"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5964:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_PLT) strcpy(proj, "PLT"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5965:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_TNX) strcpy(proj, "TNX"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5966:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_ZPX) strcpy(proj, "ZPX"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5967:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->prjcode == WCS_TPV) strcpy(proj, "TPV"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5968:38: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
else if(wcs->prjcode == NWCSTYPE) strcpy(proj, "NWCSTYPE"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5985:41: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if(wcs->syswcs == WCS_J2000) strcpy(csys, "ICRS"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5986:41: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->syswcs == WCS_B1950) strcpy(csys, "FK4"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5987:41: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->syswcs == WCS_GALACTIC) strcpy(csys, "GAL"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5988:41: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if(wcs->syswcs == WCS_ECLIPTIC) strcpy(csys, "ECL"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5989:41: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else strcpy(csys, "ICRS"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5993:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(line, "<?xpacket begin=\" \" id=\"W5M0MpCehiHzreSzNTczkc9d\"?>\n"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5996:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "<x:xmpmeta xmlns:x=\"adobe:ns:meta/\" x:xmptk=\"Adobe XMP Core 4.2-c020 1.124078, Tue Sep 11 2007 23:21:40 \">\n"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5999:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:RDF xmlns:rdf=\"http://www.w3.org/1999/02/22-rdf-syntax-ns#\">\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6000:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:Description rdf:about=\"\"\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6001:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " xmlns:avm=\"http://www.communicatingastronomy.org/avm/1.0/\">\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6002:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:MetadataVersion>1.1</avm:MetadataVersion>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6003:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(line, " <avm:Type>Observation</avm:Type>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6004:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.Quality>Full</avm:Spatial.Quality>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6006:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.Equinox>%.1f</avm:Spatial.Equinox>\n", equinox); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6008:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.Rotation>%.10e</avm:Spatial.Rotation>\n", crota2); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6009:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.ReferenceDimension>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6010:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6011:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(line, " <rdf:li>%d</rdf:li>\n", naxis1); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6012:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%d</rdf:li>\n", naxis2); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6013:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6014:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </avm:Spatial.ReferenceDimension>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6015:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.ReferenceValue>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6016:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6017:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crval1); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6018:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crval2); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6019:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6020:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </avm:Spatial.ReferenceValue>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6021:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.ReferencePixel>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6022:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6023:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crpix1); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6024:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%.10e</rdf:li>\n", crpix2); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6025:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6026:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </avm:Spatial.ReferencePixel>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6027:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <avm:Spatial.Scale>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6028:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6029:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%.10e</rdf:li>\n", xinc); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6030:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " <rdf:li>%.10e</rdf:li>\n", yinc); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6031:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(line, " </rdf:Seq>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6032:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </avm:Spatial.Scale>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6033:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:Description>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6034:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, " </rdf:RDF>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6035:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "</x:xmpmeta>\n"); strcat(comment, line); data/montage-6.0+dfsg/util/Viewer/mViewer.c:6039:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "<?xpacket end=\"r\"?>"); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [16]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:34:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xmlfile [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:35:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:36:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpname [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:37:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char catname [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:38:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:39:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char directory [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:40:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:41:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tag [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:42:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblname [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tabfile [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tblfile [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:45:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flagval [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:46:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:47:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char description[MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:48:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unit [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:49:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char utype [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:50:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ucd [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:51:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dataType [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:52:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char indexed [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:53:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char primary [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:54:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char table [MAXSTR][132]; data/montage-6.0+dfsg/web/mTAP/tapColumns.c:139:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(xmlfile, ".xml"); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:151:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(xmlfile, "w+"); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:216:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "tableset.schema.table[%d].name", i); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:238:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "tableset.schema.table[%d].column", i); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:248:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftab = fopen(tabfile, "w+"); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:264:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "tableset.schema.table[%d].column[%d].name", i, j); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:270:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "tableset.schema.table[%d].column[%d].description", i, j); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:275:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(tag, "tableset.schema.table[%d].column[%d].unit", i, j); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:280:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "tableset.schema.table[%d].column[%d].utype", i, j); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:285:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "tableset.schema.table[%d].column[%d].ucd", i, j); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:290:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "tableset.schema.table[%d].column[%d].dataType", i, j); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:295:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "tableset.schema.table[%d].column[%d].flag", i, j); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:299:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(indexed, "false"); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:300:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(primary, "false"); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:304:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "tableset.schema.table[%d].column[%d].flag[%d]", i, j, k); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:311:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(indexed, "true"); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:314:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(primary, "true"); data/montage-6.0+dfsg/web/mTAP/tapResults.c:17:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char locationStr[MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapResults.c:29:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapResults.c:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ref [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapResults.c:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile[MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapResults.c:82:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(outfile, "w+"); data/montage-6.0+dfsg/web/mTAP/tapStatus.c:19:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char locationStr[MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapStatus.c:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapStatus.c:32:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ref [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapStatus.c:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapStatus.c:34:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xmlfile[MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapStatus.c:83:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xmlfile, "/tmp/TAPStatusXXXXXX"); data/montage-6.0+dfsg/web/mTAP/tapStatus.c:84:4: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). mkstemp(xmlfile); data/montage-6.0+dfsg/web/mTAP/tapStatus.c:86:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(xmlfile, "w+"); data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:18:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char locationStr[MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:30:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url [MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:31:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adql[MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:32:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAXSTR]; data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:140:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char location[MAXSTR]; data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:18:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cptr, str[1024], fname_in[1024]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:87:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hexcolor[30]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:88:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:89:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colorlowercase[30]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char retstr[4096]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:159:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char layerfilename[1024]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:163:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char layertype[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:164:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char layercolor[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char layervis[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char layercsys[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:168:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hexcolor[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symtype[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symsize[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symside[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datatype[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:174:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dataref[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char datacol[40]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char location[200]; data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:191:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (retstr, "{\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:223:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " \"imcube\":\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:226:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:238:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " \"planenum\": \"%d\",\n", param->nfitsplane); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:240:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " \"nplaneave\": \"%d\",\n", param->nplaneave); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:242:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, " \"centerplane\": \"%d\",\n", param->centerplane); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:245:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " \"startplane\": \"%d\",\n", param->startplane); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:247:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, " \"endplane\": \"%d\"\n", param->endplane); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:250:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " },\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:257:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"image\":\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:259:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:279:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"type\": \"color\",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:282:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (str, " \"type\": \"grayscale\",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:311:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"canvaswidth\": \"%d\",\n", param->canvasWidth); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:313:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"canvasheight\": \"%d\",\n", param->canvasHeight); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:318:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"refwidth\": \"%d\",\n", param->refWidth); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:320:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"refheight\": \"%d\",\n", param->refHeight); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:325:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"imagewidth\": \"%d\",\n", param->imageWidth); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:327:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"imageheight\": \"%d\",\n", param->imageHeight); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:329:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (str, " \"nowcs\": \"%d\",\n", param->nowcs); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:343:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"factor\": \"%.4f\",\n", param->zoomfactor); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:358:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"grayfile\":\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:361:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:390:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"colortable\": \"%d\",\n", indx); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:420:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"xflip\": \"%d\",\n", param->xflip); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:422:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"yflip\": \"%d\",\n", param->yflip); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:428:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (str, " }\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:430:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " },\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:454:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"redFile\":\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:457:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:503:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"xflip\": \"%d\",\n", param->xflip); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:505:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"yflip\": \"%d\",\n", param->yflip); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:520:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " }"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:533:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (str, " ,\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:536:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"greenFile\":\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:539:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:581:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " }"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:597:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " ,\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:600:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"blueFile\":\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:603:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:647:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " }"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:648:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (str, " }"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:666:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"subimage\":\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:669:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:681:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"cutoutwidth\": \"%d\",\n", param->ns); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:683:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"cutoutheight\": \"%d\",\n", param->nl); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:687:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"cutoutwidth\": \"%d\",\n", param->cutoutWidth); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:689:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"cutoutheight\": \"%d\",\n", param->cutoutHeight); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:693:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (str, " \"ss\": \"%.1f\",\n", param->ss); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:695:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"sl\": \"%.1f\",\n", param->sl); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:701:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"xmin\": \"%.1f\",\n", param->xmin); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:703:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"xmax\": \"%.1f\",\n", param->xmax); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:705:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"ymin\": \"%.1f\",\n", param->ymin); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:707:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"ymax\": \"%.1f\"\n", param->ymax); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:710:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " },\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:719:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (str, " \"cursor\":\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:722:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:729:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"xs\": \"%.1f\",\n", param->xs); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:731:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"xe\": \"%.1f\",\n", param->xe); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:733:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"ys\": \"%.1f\",\n", param->ys); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:735:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"ye\": \"%.1f\",\n", param->ye); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:741:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"pickvalue\": \"%lf\",\n", param->pickval); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:746:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (str, " \"xpick\": \"%d\",\n", param->xpick); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:748:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"ypick\": \"%d\",\n", param->ypick); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:751:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"rapick\": \"%lf\",\n", param->rapick); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:753:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"decpick\": \"%lf\",\n", param->decpick); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:761:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " }"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:786:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, "}\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:803:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, ",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:806:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (str, " \"overlay\":\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:809:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " [\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:855:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:858:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"type\": \"grid\",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:898:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"visible\": \"true\"\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:902:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"visible\": \"false\"\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:905:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " }"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:927:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, ",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:930:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:933:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"type\": \"mark\",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:951:17: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (hexcolor, "880000"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:981:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"visible\": \"true\"\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:985:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"visible\": \"false\"\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:988:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " }"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1015:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, ",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1018:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1021:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"type\": \"catalog\",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1077:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"visible\": \"true\"\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1081:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"visible\": \"false\"\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1084:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " }"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1098:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, ",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1101:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1104:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (str, " \"type\": \"iminfo\",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1139:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"visible\": \"true\"\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1144:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"visible\": \"false\"\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1147:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " }"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1154:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " ,\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1157:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " {\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1160:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"type\": \"label\",\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1201:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (str, " \"visible\": \"true\"\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1205:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " \"visible\": \"false\"\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1208:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " }"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1215:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (str, " ]\n"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:55:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:95:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:182:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "keyword SIMPLE not found in fits header"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:187:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "keyword SIMPLE must be T or F"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:196:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "keyword BITPIX not found in fits header"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:202:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "keyword BITPIX must be an integer"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:213:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:225:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "keyword naxis not found in fits header"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:236:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Failed to convert naxis to integer"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:258:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "keyword naxis1 not found in fits header"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:271:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Failed to convert naxis1 string to integer"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:287:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "keyword naxis2 not found in fits header"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:300:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Failed to convert naxis2 string to integer"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:328:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "keyword naxis3 not found in fits header"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:341:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Failed to convert naxis3 string to integer"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:397:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (errmsg, "Failed to copy fitshdr\n"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:414:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errmsg, "Failed to update keyword NAXIS3\n"); data/montage-6.0+dfsg/web/mViewer/extractAvePlane.c:563:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "fits write error: l= [%d]\n", l); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char directory[1024]; data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseurl[1024]; data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1024]; data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:76:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (param->errmsg, data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:84:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (param->errmsg, data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:100:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (param->errmsg, "No workspace specified."); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:117:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (param->errmsg, "Cannot chdir to work directory."); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:128:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (param->errmsg, "No JSON structure.");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:195:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->imageType, "jpeg");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:854:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->pickcsys, "eq j2000");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:880:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->planeavemode, "ave");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1019:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->colorTable, "grayscale");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1020:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->stretchMode, "linear");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1021:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->stretchMin, "0.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1022:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->stretchMax, "99.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1028:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->redMode, "linear");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1029:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->redMin, "0.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1030:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->redMax, "99.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1036:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->greenMode, "linear");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1037:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->greenMin, "0.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1038:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->greenMax, "99.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1044:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->blueMode, "linear");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1045:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->blueMin, "0.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1046:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->blueMax, "99.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1331:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->redMode, "linear");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1341:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->redMin, "0.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1351:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->redMax, "99.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1436:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->greenMode, "linear");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1446:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->greenMin, "0.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1456:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->greenMax, "99.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1515:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->blueMode, "linear");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1526:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->blueMin, "0.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1537:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->blueMax, "99.5%");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1587:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->errmsg,

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1600:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d]", i);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1636:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].type", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1640:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (param->errmsg, "No type given for overlay layer %d.", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1653:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->overlay[l].visible, "true");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1655:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].visible", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1671:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->overlay[l].color, "grayscale");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1674:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->overlay[l].color, "green");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1677:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->overlay[l].color, "yellow");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1680:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->overlay[l].color, "red");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1683:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->overlay[l].color, "red");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1687:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].color", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1705:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->overlay[l].coordSys, "eq j2000");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1707:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].coordsys", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1727:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].datadir", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1743:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].datafile", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1747:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (param->errmsg,

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1760:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->overlay[l].coordSys, "eq j2000");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1761:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].coordsys", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1783:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].symtype", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1802:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d]symside", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1819:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->overlay[l].symSize, "1.0");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1821:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].symsize", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1839:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].datacol", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1857:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].datatype", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1875:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].dataref", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1897:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].symtype", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1901:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->errmsg, "No marker type given.");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1914:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].location", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1918:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->errmsg, "No marker location given.");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1930:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].symsize", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1934:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->errmsg, "No marker size given.");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1950:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].fontscale", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1966:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].location", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1970:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->errmsg, "No label location given.");

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1982:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (name, "overlay[%d].text", l);

data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1986:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (param->errmsg, "No label text given.");

data/montage-6.0+dfsg/web/mViewer/fileCopy.c:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char cmd[1024], status[20];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:6:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char errmsg[1024];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:8:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char datatype[10];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:9:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char bunit[20];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:11:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char ra[40];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:12:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char dec[40];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:32:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char cunit[3][40];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:33:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char ctype[3][20];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char csysstr[40];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char epochstr[40];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char equinoxstr[40];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char objname[100];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char filter[100];

data/montage-6.0+dfsg/web/mViewer/fitshdr.h:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char pixscale[100];

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:50:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[1024];

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char cmd[1024];

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:105:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char c[8];

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:199:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "keyword SIMPLE not found in fits header");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:204:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "keyword SIMPLE must be T or F");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:213:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "keyword BITPIX not found in fits header");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:219:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "keyword BITPIX must be an integer");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:230:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg,

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:242:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "keyword naxis not found in fits header");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:253:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "Failed to convert naxis to integer");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:275:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "keyword naxis1 not found in fits header");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:288:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "Failed to convert naxis1 string to integer");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:304:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "keyword naxis2 not found in fits header");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:317:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "Failed to convert naxis2 string to integer");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:345:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "keyword naxis3 not found in fits header");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:358:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "Failed to convert naxis3 string to integer");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:574:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (errmsg, "Failed to copy fitshdr\n");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:598:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (errmsg, "Failed to update keyword NAXIS3\n");

data/montage-6.0+dfsg/web/mViewer/generateMedianPlane.c:628:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (errmsg, "fits write error: l= [%d] j= [%d]\n", l, j);

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char errmsg[1024];

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char bscale[40];

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char bzero[40];

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char blank[40];

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char key[40];

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:44:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[1024], substr1[10], substr2[10];

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char epochstr[40];

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:135:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (hdr->errmsg, "keyword SIMPLE not found in fits header");

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:140:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (hdr->errmsg, "keyword SIMPLE must be T or F");

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:156:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (hdr->errmsg, "keyword BITPIX not found in fits header");

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:162:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (hdr->errmsg, "keyword BITPIX must be an integer");

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:173:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (hdr->errmsg,

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:185:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (hdr->errmsg, "keyword naxis not found in fits header");

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:196:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (hdr->errmsg, "Failed to convert naxis to integer");

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:212:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (key, "naxis%d", l+1);

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:262:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (hdr->bunit, "DN");

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:384:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (key, "cunit%d", l+1);

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:418:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (key, "ctype%d", l+1);

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:452:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (key, "CRPIX%d", l+1);

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:502:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (key, "CRVAL%d", l+1);

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:548:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (key, "CDELT%d", l+1);

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:751:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (key, "CROTA%d", l+1);

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:828:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (key, "CD%d_%d", l+1, i+1);

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:897:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (key, "PC%d_%d", l+1, i+1);

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:974:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (hdr->csysstr, "gal");

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:977:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (hdr->csysstr, "ec");

data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:991:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (hdr->csysstr, "eq");

data/montage-6.0+dfsg/web/mViewer/imZoom.c:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char subsetimpath[1024];

data/montage-6.0+dfsg/web/mViewer/imZoom.c:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char subsetredpath[1024];

data/montage-6.0+dfsg/web/mViewer/imZoom.c:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char subsetgrnpath[1024];

data/montage-6.0+dfsg/web/mViewer/imZoom.c:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char subsetbluepath[1024];

data/montage-6.0+dfsg/web/mViewer/imZoom.c:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char graypath[1024];

data/montage-6.0+dfsg/web/mViewer/imZoom.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char redpath[1024];

data/montage-6.0+dfsg/web/mViewer/imZoom.c:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char grnpath[1024];

data/montage-6.0+dfsg/web/mViewer/imZoom.c:48:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluepath[1024]; data/montage-6.0+dfsg/web/mViewer/imZoom.c:179:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (param->errmsg, data/montage-6.0+dfsg/web/mViewer/imZoom.c:658:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (param->errmsg, "New zoom area is less than 5x5 pixels " data/montage-6.0+dfsg/web/mViewer/makeImage.c:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:95:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (color, "greyscale"); data/montage-6.0+dfsg/web/mViewer/makeImage.c:99:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (color, "reversegreyscale"); data/montage-6.0+dfsg/web/mViewer/makeImage.c:149:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[10000]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:150:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char paramstr[10000]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refParamstr[10000]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:153:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prog[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:154:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status[20]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:155:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filepath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:157:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redpath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grnpath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:159:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluepath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:162:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jpgpath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:163:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char refjpgpath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char impath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkimpath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkrefimpath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:169:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkredpath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkrefredpath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkgrnpath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkrefgrnpath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkbluepath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkrefbluepath[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stretchMin[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char stretchMax[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char layertype[40]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:182:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char color[40]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char visible[40]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:185:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symtype[40]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:186:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symside[40]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:188:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:190:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imroot[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:191:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char suffix[40]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:192:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datamin[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:193:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datamax[1024]; data/montage-6.0+dfsg/web/mViewer/makeImage.c:651:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (prog, "mViewer "); data/montage-6.0+dfsg/web/mViewer/makeImage.c:689:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (paramstr, "-nowcs -ct %d ", colortblIndx); data/montage-6.0+dfsg/web/mViewer/makeImage.c:690:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (refParamstr, "-nowcs -ct %d ", colortblIndx); data/montage-6.0+dfsg/web/mViewer/makeImage.c:693:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (paramstr, "-ct %d ", colortblIndx); data/montage-6.0+dfsg/web/mViewer/makeImage.c:694:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (refParamstr, "-ct %d ", colortblIndx); data/montage-6.0+dfsg/web/mViewer/makeImage.c:706:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (stretchMin, "min"); data/montage-6.0+dfsg/web/mViewer/makeImage.c:713:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (stretchMax, "max"); data/montage-6.0+dfsg/web/mViewer/makeImage.c:741:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (paramstr, "-nowcs "); data/montage-6.0+dfsg/web/mViewer/makeImage.c:742:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (refParamstr, "-nowcs "); data/montage-6.0+dfsg/web/mViewer/mviewer.h:119:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:157:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workDir[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char directory[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseURL[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:169:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cubedatadir[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imdatadir[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:175:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workspace[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char jsonFile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:180:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jsonOrig[30000]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jsonStr[30000]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:185:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char helphtml[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:186:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imname[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:187:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imageType[20]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:188:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imageFile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:190:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objname[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:191:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filter[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:192:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pixscale[100]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:200:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nplaneavestr[20]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:206:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ctype3[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:210:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imcubefile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:211:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imcubepath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:213:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redcubefile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:214:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redcubepath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:215:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grncubefile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:216:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grncubepath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:217:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluecubefile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:218:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluecubepath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:223:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char planeavemode[20]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:236:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char canvasWidthStr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:237:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char canvasHeightStr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:238:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refWidthStr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:239:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refHeightStr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:246:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grayFile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:247:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grayPath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:249:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colorTable[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:250:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stretchMode[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:251:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stretchMin[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:252:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stretchMax[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:254:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stretchMinval[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:255:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stretchMaxval[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:256:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char stretchMinunit[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:257:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stretchMaxunit[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:260:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subsetimfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:261:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkimfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:262:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkRefimfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:265:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redFile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:266:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redPath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:267:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redMode[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:268:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redMin[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:269:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redMax[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:271:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenFile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:272:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char greenPath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:273:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenMode[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenMin[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:275:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char greenMax[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:277:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueFile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:278:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluePath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:279:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueMode[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:280:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueMin[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:281:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueMax[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:283:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subsetredfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:284:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkredfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:285:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char shrunkRefredfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:287:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subsetgrnfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:288:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkgrnfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:289:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkRefgrnfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:291:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subsetbluefile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:292:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkbluefile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:293:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shrunkRefbluefile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:300:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:301:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char coordSys[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:302:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char color[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:304:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datadir[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:305:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char dataFile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:306:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dataPath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:307:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char visible[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:312:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dataCol[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:313:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dataType[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:314:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dataRef[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:315:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symType[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:316:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symSize[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:317:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char symSide[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:318:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char location[200]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:319:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[200]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:337:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pickcsys[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:350:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imcsys[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:362:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jpgfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:363:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refjpgfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:384:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xflipstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:385:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char yflipstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:389:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char zoomfactorstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:390:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refzoomfactorstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:394:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datamin[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:395:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datamax[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:396:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bunit[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:398:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char minstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:399:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char maxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:400:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char percminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:401:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char percmaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:402:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sigmaminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:403:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sigmamaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:405:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reddatamin[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:406:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reddatamax[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:407:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:408:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redmaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:409:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redpercminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:410:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char redpercmaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:411:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redsigmaminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:412:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redsigmamaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:414:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grndatamin[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:415:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grndatamax[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:416:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grnminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:417:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grnmaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:418:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grnpercminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:419:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grnpercmaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:420:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grnsigmaminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:421:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grnsigmamaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:423:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char bluedatamin[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:424:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluedatamax[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:425:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:426:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluemaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:427:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluepercminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:428:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluepercmaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:429:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluesigmaminstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:430:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bluesigmamaxstr[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:435:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mintbl[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:453:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char retstr[10000]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:460:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char waveplottype[20]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:461:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char showplot[20]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:462:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char detachplot[20]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:464:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plottype[20]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:465:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:466:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotpath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:467:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotjsonfile[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:468:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotjsonpath[1024]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:470:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plottitle[100]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:471:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotxaxis[20]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:472:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotyaxis[20]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:474:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotxlabel[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:475:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char plotylabel[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:477:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotxlabeloffset[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:478:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotylabeloffset[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:480:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotbgcolor[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:482:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotsymbol[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:483:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotcolor[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:485:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotlinestyle[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:486:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotlinecolor[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:488:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plothistvalue[40]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:509:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sexrapick[100]; data/montage-6.0+dfsg/web/mViewer/mviewer.h:510:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sexdecpick[100]; data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char cmd[1024]; data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timeout[256]; data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:75:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(htmlpath, "r"); data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:147:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *endptr, str[40]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:164:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:165:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char suffix[40]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:168:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imroot[1024]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:169:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redroot[1024]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grnroot[1024]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:171:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueroot[1024]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:173:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char impath[1024]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refJpgpath[1024]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[256]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:184:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char debugfname[1024]; data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:207:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (debugfname, "/tmp/mviewer_%d.debug", pid); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:209:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdebug = fopen (debugfname, "w+"); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:354:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (param.grayFile, "implane.fits"); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:493:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (param.errmsg, "Cannot find required FITS image file " data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:651:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (errmsg, "Either red or blue FITS image files for"); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:911:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (param.imcsys, "eq j2000"); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:46:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:47:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wspace [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:48:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:49:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filePath [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:50:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileBase [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:51:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char directory [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:52:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseURL [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:53:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char workDir [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:54:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hdrFile [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:55:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char htmlFile [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:56:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstr [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:58:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url [1024]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:91:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). debug = atoi(keyword_value("debug")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:100:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (tmpstr, "/tmp/mViewerHdr.debug_%d", pid); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:101:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdebug = fopen (tmpstr, "w+"); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:38:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wspace [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:39:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:40:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char file [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:41:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char directory [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:42:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workDir [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseFile [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:45:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colname [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:46:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prevname [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:47:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:48:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char offset [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:49:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstr [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:51:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char catName[256][STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:76:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
debug = atoi(keyword_value("debug")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:84:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (tmpstr, "/tmp/icePlotterInfo.debug_%d", pid); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:86:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdebug = fopen (tmpstr, "w+"); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:100:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). update = atoi(keyword_value("update")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:41:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:42:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wspace [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:44:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char x [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:45:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char y [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:46:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char radius [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:47:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileBase [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:48:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char directory [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:49:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char baseURL [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:50:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char workDir [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:51:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char status [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:52:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpstr [STRLEN]; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:85:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). debug = atoi(keyword_value("debug")); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:93:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf (tmpstr, "/tmp/mViewerStats.debug_%d", pid); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:95:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fdebug = fopen (tmpstr, "w+"); data/montage-6.0+dfsg/web/mViewer/parseCsysstr.c:28:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024], substr[1024]; data/montage-6.0+dfsg/web/mViewer/parseCsysstr.c:29:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char csysstr[40], epochstr[40]; data/montage-6.0+dfsg/web/mViewer/pick.c:80:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[8]; data/montage-6.0+dfsg/web/mViewer/pick.c:153:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Failed to read fits file\n"); data/montage-6.0+dfsg/web/mViewer/pick.c:176:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char impath[1024]; data/montage-6.0+dfsg/web/mViewer/pick.c:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fpath[1024]; data/montage-6.0+dfsg/web/mViewer/pick.c:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rastr[40], decstr[40]; data/montage-6.0+dfsg/web/mViewer/pick.c:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imcsys[40]; data/montage-6.0+dfsg/web/mViewer/pick.c:180:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char colname[1024]; data/montage-6.0+dfsg/web/mViewer/pick.c:181:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char str[1024];
data/montage-6.0+dfsg/web/mViewer/pick.c:183:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lonstr[40];
data/montage-6.0+dfsg/web/mViewer/pick.c:184:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char latstr[40];
data/montage-6.0+dfsg/web/mViewer/pick.c:409:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/pick.c:443:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (param->errmsg,
data/montage-6.0+dfsg/web/mViewer/pick.c:942:17: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "ra%d", k);
data/montage-6.0+dfsg/web/mViewer/pick.c:947:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (str, "dec%d", k);
data/montage-6.0+dfsg/web/mViewer/pix2sky.c:51:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (errmsg, "Fail to create wcs structure");
data/montage-6.0+dfsg/web/mViewer/pix2sky.c:74:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (errmsg, "Illegal location: probably off the image.");
data/montage-6.0+dfsg/web/mViewer/pix2sky.c:101:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (errmsg, "Illegal location: probably off the image.");
data/montage-6.0+dfsg/web/mViewer/sky2pix.c:53:2: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (errmsg, "Fail to create wcs structure");
data/montage-6.0+dfsg/web/mViewer/subsetImage.c:28:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char status[40], cmd[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:110:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errmsg[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:111:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char retstr[10000];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:112:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char project[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:114:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char objname[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:115:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filter[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:116:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pixscale[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:122:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char http_srvr[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:123:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char baseurl[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:125:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char workdir[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:126:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char workspace[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:127:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char directory[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:130:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cookiename[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:131:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cookiestr[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:132:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char timeout[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:138:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char paramfile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:139:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char parampath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:141:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char datadir[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:142:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char immode[10];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:144:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char viewtemplate[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:145:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char viewhtml[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:146:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char viewhtmlpath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:147:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char helphtml[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:148:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char helphtmlpath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:149:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imtypehtml[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:150:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imtypehtmlpath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:151:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cursorhtml[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:152:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cursorhtmlpath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:154:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char viewcgiurl[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:155:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tblcgiurl[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:167:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imlist_gray[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:168:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imlist_color[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:169:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbllist[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:170:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char iminfolist[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:173:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imcubefile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:174:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imcubepath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:176:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char graypath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:178:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redcubefile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:179:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redcubepath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:180:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grncubefile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:181:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grncubepath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:182:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bluecubefile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:183:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bluecubepath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:185:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ctype3[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:194:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char colortbl[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:196:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stretchmode[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:197:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char minstretch[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:198:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char maxstretch[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:200:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redminstretch[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:201:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redmaxstretch[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:202:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redstretchmode[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:204:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grnminstretch[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:205:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grnmaxstretch[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:206:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grnstretchmode[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:208:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blueminstretch[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:209:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bluemaxstretch[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:210:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bluestretchmode[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:225:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char nplaneavestr[20];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:231:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imcubemode[20];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:232:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imcursormode[20];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:246:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:247:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mode[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:258:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char title[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:259:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char winname[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:261:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char infiletype[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:262:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outimtype[40];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:264:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char divname[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:265:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imname[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:266:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char imroot[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:267:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grayfile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:269:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redroot[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:270:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grnroot[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:271:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blueroot[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:273:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char redfile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:274:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char grnfile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:275:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bluefile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:277:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char jsonfile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:278:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char jsonpath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:338:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char plotjsonfile[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:339:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char plotjsonpath[1024];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:341:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char waveplottype[20];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:342:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char showplot[20];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:343:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char detachplot[20];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:345:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char plottype[20];
data/montage-6.0+dfsg/web/mViewer/viewerapp.h:346:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char waveplotfile[1024]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:347:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char waveplotpath[1024]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:348:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wavejsonfile[1024]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:349:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wavejsonpath[1024]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:351:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plottitle[100]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:352:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotxaxis[20]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:353:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotyaxis[20]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:355:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotxlabel[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:356:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotylabel[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:358:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotxlabeloffset[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:359:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotylabeloffset[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:361:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char plotbgcolor[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:362:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotaxescolor[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:363:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotlabelcolor[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:365:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotsymbol[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:366:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotcolor[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:368:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotlinestyle[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:369:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plotlinecolor[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:371:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plothistvalue[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:397:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sexrapick[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:398:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sexdecpick[40]; data/montage-6.0+dfsg/web/mViewer/viewerapp.h:399:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pickcsys[20]; data/montage-6.0+dfsg/web/mViewer/writeFitshdrHtml.c:33:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char line [1024]; data/montage-6.0+dfsg/web/mViewer/writeFitshdrHtml.c:34:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword [1024]; data/montage-6.0+dfsg/web/mViewer/writeFitshdrHtml.c:42:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fhdr = fopen (hdrFile, "r"); data/montage-6.0+dfsg/web/mViewer/writeFitshdrHtml.c:44:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen (htmlPath, "w+"); data/montage-6.0+dfsg/Montage/checkHdr.c:198:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(mHeader, ""); data/montage-6.0+dfsg/Montage/checkHdr.c:243:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(tmpstr[strlen(tmpstr)-1] == '\'') data/montage-6.0+dfsg/Montage/checkHdr.c:244:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
tmpstr[strlen(tmpstr)-1] = '\0'; data/montage-6.0+dfsg/Montage/checkHdr.c:303:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[(int)strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/checkHdr.c:304:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[(int)strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/checkHdr.c:306:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[(int)strlen(line)-1] == '\r') data/montage-6.0+dfsg/Montage/checkHdr.c:307:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[(int)strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/checkHdr.c:311:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((int)strlen(line) > 80) data/montage-6.0+dfsg/Montage/checkHdr.c:318:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int)strlen(pline); data/montage-6.0+dfsg/Montage/checkHdr.c:351:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((int)strlen(mHeader) + 160 > maxhdr) data/montage-6.0+dfsg/Montage/checkHdr.c:423:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(ctype1) < 8) data/montage-6.0+dfsg/Montage/checkHdr.c:426:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ctype2) < 8) data/montage-6.0+dfsg/Montage/checkHdr.c:439:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ptr1) == 0 data/montage-6.0+dfsg/Montage/checkHdr.c:440:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(ptr2) == 0) data/montage-6.0+dfsg/Montage/checkHdr.c:448:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ptr1) != 3) data/montage-6.0+dfsg/Montage/checkHdr.c:451:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ptr2) != 3) data/montage-6.0+dfsg/Montage/checkHdr.c:533:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:551:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:564:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:577:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:605:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:615:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:625:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:635:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:645:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:655:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:663:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:673:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:683:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:693:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:703:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:711:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:719:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:727:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:735:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:743:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < value + (int)strlen(value)) data/montage-6.0+dfsg/Montage/checkHdr.c:785:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = (int)strlen(header); data/montage-6.0+dfsg/Montage/checkHdr.c:786:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = (int)strlen(card); data/montage-6.0+dfsg/Montage/checkHdr.c:797:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return((int)strlen(header)); data/montage-6.0+dfsg/Montage/debugCheck.c:31:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end - debugStr < (int)strlen(debugStr)) data/montage-6.0+dfsg/Montage/filePath.c:42:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(fname) >= 2 && strncmp(fname, "./", 2) == 0) data/montage-6.0+dfsg/Montage/filePath.c:51:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(base); data/montage-6.0+dfsg/Montage/filePath.c:56:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(base, "/"); data/montage-6.0+dfsg/Montage/filePath.c:82:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(fname); data/montage-6.0+dfsg/Montage/get_files.c:112:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(dirname); data/montage-6.0+dfsg/Montage/get_hdr.c:180:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(*ptr == '\'' && value[strlen(value)-1] == '\'') data/montage-6.0+dfsg/Montage/get_hdr.c:182:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value[strlen(value)-1] = '\0'; data/montage-6.0+dfsg/Montage/get_hdr.c:186:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(ptr) < 8) data/montage-6.0+dfsg/Montage/get_hdr.c:192:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ptr) == 0) data/montage-6.0+dfsg/Montage/get_hdr.c:269:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(*ptr == '\'' && value[strlen(value)-1] == '\'') data/montage-6.0+dfsg/Montage/get_hdr.c:271:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value[strlen(value)-1] = '\0'; data/montage-6.0+dfsg/Montage/get_hdr.c:275:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ptr) < 8) data/montage-6.0+dfsg/Montage/get_hdr.c:281:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ptr) == 0) data/montage-6.0+dfsg/Montage/get_hdr.c:326:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fields[i].defval, ""); data/montage-6.0+dfsg/Montage/get_hdr.c:332:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(*ptr == '\'' && value[strlen(value)-1] == '\'') data/montage-6.0+dfsg/Montage/get_hdr.c:334:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value[strlen(value)-1] = '\0'; data/montage-6.0+dfsg/Montage/get_hdr.c:440:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(hdr_rec->ctype1, ""); data/montage-6.0+dfsg/Montage/get_hdr.c:441:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(hdr_rec->ctype2, ""); data/montage-6.0+dfsg/Montage/get_hdr.c:626:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(*ptr == '\'' && value[strlen(value)-1] == '\'') data/montage-6.0+dfsg/Montage/get_hdr.c:628:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value[strlen(value)-1] = '\0'; data/montage-6.0+dfsg/Montage/get_hdr.c:634:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fields[i].value) == 0) data/montage-6.0+dfsg/Montage/get_hfiles.c:102:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(dirname); data/montage-6.0+dfsg/Montage/get_hhdr.c:79:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/Montage/get_hhdr.c:86:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while(str[strlen(str)-1] == '\n' data/montage-6.0+dfsg/Montage/get_hhdr.c:87:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || str[strlen(str)-1] == '\r') data/montage-6.0+dfsg/Montage/get_hhdr.c:88:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str[strlen(str)-1] = '\0'; data/montage-6.0+dfsg/Montage/get_hhdr.c:90:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(str); i<80; ++i) data/montage-6.0+dfsg/Montage/mAdd.c:426:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ""); data/montage-6.0+dfsg/Montage/mAdd.c:549:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(output_file) > 5 && data/montage-6.0+dfsg/Montage/mAdd.c:550:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/Montage/mAdd.c:551:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/Montage/mAdd.c:553:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/Montage/mAdd.c:554:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0) data/montage-6.0+dfsg/Montage/mAdd.c:555:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/Montage/mAdd.c:557:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 4 && data/montage-6.0+dfsg/Montage/mAdd.c:558:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0) data/montage-6.0+dfsg/Montage/mAdd.c:559:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/Montage/mAdd.c:561:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 4 && data/montage-6.0+dfsg/Montage/mAdd.c:562:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0) data/montage-6.0+dfsg/Montage/mAdd.c:563:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/Montage/mAdd.c:586:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = ctype + strlen(ctype) - 3; data/montage-6.0+dfsg/Montage/mAdd.c:625:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(path) + tbl_rec[ifname].colwd + 16; data/montage-6.0+dfsg/Montage/mAdd.c:794:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(filename) > 5 && data/montage-6.0+dfsg/Montage/mAdd.c:795:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(filename+strlen(filename)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/Montage/mAdd.c:796:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filename[strlen(filename)-5] = '\0'; data/montage-6.0+dfsg/Montage/mAdd.c:2041:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(headerStr, ""); data/montage-6.0+dfsg/Montage/mAdd.c:2048:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/mAdd.c:2049:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mAdd.c:2051:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/Montage/mAdd.c:2052:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mAdd.c:2060:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(line); i<80; ++i) data/montage-6.0+dfsg/Montage/mAdd.c:2100:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/Montage/mAdd.c:2226:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/Montage/mAdd.c:2227:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/Montage/mAdd.c:2238:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/Montage/mAddCube.c:292:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ""); data/montage-6.0+dfsg/Montage/mAddCube.c:415:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/Montage/mAddCube.c:416:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0)
data/montage-6.0+dfsg/Montage/mAddCube.c:417:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_file[strlen(output_file)-5] = '\0';
data/montage-6.0+dfsg/Montage/mAddCube.c:419:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(output_file) > 5 &&
data/montage-6.0+dfsg/Montage/mAddCube.c:420:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0)
data/montage-6.0+dfsg/Montage/mAddCube.c:421:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_file[strlen(output_file)-5] = '\0';
data/montage-6.0+dfsg/Montage/mAddCube.c:423:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(output_file) > 4 &&
data/montage-6.0+dfsg/Montage/mAddCube.c:424:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0)
data/montage-6.0+dfsg/Montage/mAddCube.c:425:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_file[strlen(output_file)-4] = '\0';
data/montage-6.0+dfsg/Montage/mAddCube.c:427:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(output_file) > 4 &&
data/montage-6.0+dfsg/Montage/mAddCube.c:428:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0)
data/montage-6.0+dfsg/Montage/mAddCube.c:429:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_file[strlen(output_file)-4] = '\0';
data/montage-6.0+dfsg/Montage/mAddCube.c:452:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr = ctype + strlen(ctype) - 3;
data/montage-6.0+dfsg/Montage/mAddCube.c:497:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  namelen = strlen(path) + tbl_rec[ifname].colwd + 16;
data/montage-6.0+dfsg/Montage/mAddCube.c:676:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(filename) > 5 &&
data/montage-6.0+dfsg/Montage/mAddCube.c:677:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(filename+strlen(filename)-5, ".fits", 5) == 0)
data/montage-6.0+dfsg/Montage/mAddCube.c:678:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  filename[strlen(filename)-5] = '\0';
data/montage-6.0+dfsg/Montage/mAddCube.c:1856:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(headerStr, "");
data/montage-6.0+dfsg/Montage/mAddCube.c:1863:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/Montage/mAddCube.c:1864:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mAddCube.c:1866:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/Montage/mAddCube.c:1867:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mAddCube.c:1875:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=strlen(line); i<80; ++i)
data/montage-6.0+dfsg/Montage/mAddCube.c:1915:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(line);
data/montage-6.0+dfsg/Montage/mAddCube.c:2065:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int hlen = strlen(header);
data/montage-6.0+dfsg/Montage/mAddCube.c:2066:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int clen = strlen(card);
data/montage-6.0+dfsg/Montage/mAddCube.c:2077:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(strlen(header));
data/montage-6.0+dfsg/Montage/mAddExec.c:189:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(path, "");
data/montage-6.0+dfsg/Montage/mAddExec.c:190:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(status_file, "");
data/montage-6.0+dfsg/Montage/mAddExec.c:418:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(output_file) > 5 &&
data/montage-6.0+dfsg/Montage/mAddExec.c:419:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0)
data/montage-6.0+dfsg/Montage/mAddExec.c:420:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_file[strlen(output_file)-5] = '\0';
data/montage-6.0+dfsg/Montage/mAddExec.c:422:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(output_file) > 5 &&
data/montage-6.0+dfsg/Montage/mAddExec.c:423:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0)
data/montage-6.0+dfsg/Montage/mAddExec.c:424:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_file[strlen(output_file)-5] = '\0';
data/montage-6.0+dfsg/Montage/mAddExec.c:426:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(output_file) > 4 &&
data/montage-6.0+dfsg/Montage/mAddExec.c:427:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0)
data/montage-6.0+dfsg/Montage/mAddExec.c:428:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_file[strlen(output_file)-4] = '\0';
data/montage-6.0+dfsg/Montage/mAddExec.c:430:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(output_file) > 4 &&
data/montage-6.0+dfsg/Montage/mAddExec.c:431:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0)
data/montage-6.0+dfsg/Montage/mAddExec.c:432:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_file[strlen(output_file)-4] = '\0';
data/montage-6.0+dfsg/Montage/mAddExec.c:436:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i=strlen(template_file)-1;i>=0;i--)
data/montage-6.0+dfsg/Montage/mAddExec.c:686:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(headerStr, "");
data/montage-6.0+dfsg/Montage/mAddExec.c:693:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/Montage/mAddExec.c:694:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mAddExec.c:695:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/Montage/mAddExec.c:696:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mAddExec.c:704:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=strlen(line); i<80; ++i)
data/montage-6.0+dfsg/Montage/mAddExec.c:743:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(line);
data/montage-6.0+dfsg/Montage/mAddExec.c:806:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int hlen = strlen(header);
data/montage-6.0+dfsg/Montage/mAddExec.c:807:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int clen = strlen(card);
data/montage-6.0+dfsg/Montage/mAddExec.c:818:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(strlen(header));
data/montage-6.0+dfsg/Montage/mAddExec.c:859:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(cmd," ");
data/montage-6.0+dfsg/Montage/mAddExec.c:866:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(cmd," ");
data/montage-6.0+dfsg/Montage/mAddExec.c:873:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(cmd," ");
data/montage-6.0+dfsg/Montage/mAddExec.c:876:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(cmd,"/");
data/montage-6.0+dfsg/Montage/mAddExec.c:883:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmd[strlen(cmd)-5] = '\0';
data/montage-6.0+dfsg/Montage/mAddExec.c:948:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end - Str < strlen(Str))
data/montage-6.0+dfsg/Montage/mBackground.c:181:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end - argv[i+1] < strlen(argv[i+1]))
data/montage-6.0+dfsg/Montage/mBackground.c:257:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[3] + strlen(argv[3]))
data/montage-6.0+dfsg/Montage/mBackground.c:265:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[4] + strlen(argv[4]))
data/montage-6.0+dfsg/Montage/mBackground.c:273:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[5] + strlen(argv[5]))
data/montage-6.0+dfsg/Montage/mBackground.c:392:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(input_file) > 5
data/montage-6.0+dfsg/Montage/mBackground.c:393:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strcmp(input_file+strlen(input_file)-5, ".fits") == 0)
data/montage-6.0+dfsg/Montage/mBackground.c:397:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-5] = '\0';
data/montage-6.0+dfsg/Montage/mBackground.c:412:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(output_file) > 5 &&
data/montage-6.0+dfsg/Montage/mBackground.c:413:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0)
data/montage-6.0+dfsg/Montage/mBackground.c:414:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_file[strlen(output_file)-5] = '\0';
data/montage-6.0+dfsg/Montage/mBgExec.c:144:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(path, "");
data/montage-6.0+dfsg/Montage/mBgModel.c:307:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < optarg + strlen(optarg))
data/montage-6.0+dfsg/Montage/mBgModel.c:328:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < optarg + strlen(optarg))
data/montage-6.0+dfsg/Montage/mConvert.c:150:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end - argv[i+1] < strlen(argv[i+1]))
data/montage-6.0+dfsg/Montage/mConvert.c:177:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end - argv[i+1] < strlen(argv[i+1]))
data/montage-6.0+dfsg/Montage/mConvert.c:208:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end - argv[i+1] < strlen(argv[i+1]))
data/montage-6.0+dfsg/Montage/mConvert.c:229:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end - argv[i+1] < strlen(argv[i+1]))
data/montage-6.0+dfsg/Montage/mConvert.c:250:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end - argv[i+1] < strlen(argv[i+1]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:299:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(path) > 0)
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:381:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[i] + strlen(argv[i]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:390:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[i+1] + strlen(argv[i+1]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:492:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[4] + strlen(argv[4]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:501:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[5] + strlen(argv[5]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:514:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[6] + strlen(argv[6]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:536:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[7] + strlen(argv[7]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:555:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[8] + strlen(argv[8]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:563:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(tmpHeader, "");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:827:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[4] + strlen(argv[4]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:836:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[5] + strlen(argv[5]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:854:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[6] + strlen(argv[6]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:891:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[4] + strlen(argv[4]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:900:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[5] + strlen(argv[5]))
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1127:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(tval(icrval1)) == 0
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1128:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(tval(icrval2)) == 0)
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1148:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(proj, "");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1151:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(ctype1) > 4)
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1211:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(tmpHeader, "");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1280:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(tval(ira1) ) == 0
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1281:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(tval(idec1)) == 0
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1282:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(tval(ira2) ) == 0
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1283:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(tval(idec2)) == 0
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1284:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(tval(ira3) ) == 0
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1285:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(tval(idec3)) == 0
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1286:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(tval(ira4) ) == 0
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1287:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(tval(idec4)) == 0)
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1633:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(tval(icrval1)) == 0
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1634:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(tval(icrval2)) == 0)
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1653:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(proj, "");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1656:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(ctype1) > 4)
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1728:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(tmpHeader, "");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1766:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(fullname[strlen(fullname)-1] != '/')
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:1767:22: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(fullname, "/");
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2656:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int hlen = strlen(header);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2657:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int clen = strlen(card);
data/montage-6.0+dfsg/Montage/mCoverageCheck.c:2668:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(strlen(header));
data/montage-6.0+dfsg/Montage/mDiff.c:217:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(output_file) > 5 &&
data/montage-6.0+dfsg/Montage/mDiff.c:218:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0)
data/montage-6.0+dfsg/Montage/mDiff.c:219:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output_file[strlen(output_file)-5] = '\0';
data/montage-6.0+dfsg/Montage/mDiff.c:240:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(input_file1) > 5
data/montage-6.0+dfsg/Montage/mDiff.c:241:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strcmp(input_file1+strlen(input_file1)-5, ".fits") == 0)
data/montage-6.0+dfsg/Montage/mDiff.c:245:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-5] = '\0';
data/montage-6.0+dfsg/Montage/mDiff.c:261:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(input_file2) > 5
data/montage-6.0+dfsg/Montage/mDiff.c:262:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && strcmp(input_file2+strlen(input_file2)-5, ".fits") == 0)
data/montage-6.0+dfsg/Montage/mDiff.c:266:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-5] = '\0';
data/montage-6.0+dfsg/Montage/mDiff.c:1083:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/Montage/mDiff.c:1084:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mDiff.c:1086:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/Montage/mDiff.c:1087:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mDiff.c:1095:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=strlen(line); i<80; ++i)
data/montage-6.0+dfsg/Montage/mDiff.c:1123:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(line);
data/montage-6.0+dfsg/Montage/mDiffExec.c:116:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(path, "");
data/montage-6.0+dfsg/Montage/mDiffFitExec.c:110:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(path, "");
data/montage-6.0+dfsg/Montage/mDiffFitExec.c:233:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(diffname[strlen(diffname)-1] != 's')
data/montage-6.0+dfsg/Montage/mDiffFitExec.c:234:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(diffname, "s");
data/montage-6.0+dfsg/Montage/mDiffFitExec.c:378:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rmname[strlen(rmname)-5] = '\0';
data/montage-6.0+dfsg/Montage/mFitExec.c:312:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(diffname, "/");
data/montage-6.0+dfsg/Montage/mFitplane.c:164:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < optarg + strlen(optarg))
data/montage-6.0+dfsg/Montage/mFlattenExec.c:106:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(path, "");
data/montage-6.0+dfsg/Montage/mGetHdr.c:104:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < optarg + strlen(optarg) || hdu < 0)
data/montage-6.0+dfsg/Montage/mGetHdr.c:142:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr = infile + strlen(infile);
data/montage-6.0+dfsg/Montage/mGetHdr.c:269:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(j=(int)strlen(card)-1; j>=0; --j)
data/montage-6.0+dfsg/Montage/mGetHdr.c:298:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr = keyword + strlen(keyword);
data/montage-6.0+dfsg/Montage/mHdrtbl.c:80:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (pathname, "");
data/montage-6.0+dfsg/Montage/mHdrtbl.c:81:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (tblname, "");
data/montage-6.0+dfsg/Montage/mHdrtbl.c:164:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(pathname) > 1 data/montage-6.0+dfsg/Montage/mHdrtbl.c:165:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && pathname[strlen(pathname)-1] == '/') data/montage-6.0+dfsg/Montage/mHdrtbl.c:166:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pathname[strlen(pathname)-1] = '\0'; data/montage-6.0+dfsg/Montage/mHdrtbl.c:188:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hdrlen = strlen(pathname); data/montage-6.0+dfsg/Montage/mHdrtbl.c:190:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(hdrlen && pathname[strlen(pathname) - 1] != '/') data/montage-6.0+dfsg/Montage/mHdrtbl.c:254:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str) - 1; data/montage-6.0+dfsg/Montage/mHdrtbl.c:287:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(str[strlen(str) - 1] == '\n') data/montage-6.0+dfsg/Montage/mHdrtbl.c:288:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str[strlen(str) - 1] = '\0'; data/montage-6.0+dfsg/Montage/mHdrtbl.c:292:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, "\n"); data/montage-6.0+dfsg/Montage/mHdrtbl.c:297:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/montage-6.0+dfsg/Montage/mHdrtbl.c:362:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(dirname); data/montage-6.0+dfsg/Montage/mImgtbl.c:136:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (pathname, ""); data/montage-6.0+dfsg/Montage/mImgtbl.c:137:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (tblname, ""); data/montage-6.0+dfsg/Montage/mImgtbl.c:213:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while(line[strlen(line)-1] == '\r' data/montage-6.0+dfsg/Montage/mImgtbl.c:214:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/mImgtbl.c:215:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mImgtbl.c:219:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = line + strlen(line); data/montage-6.0+dfsg/Montage/mImgtbl.c:267:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fields[nfields].name) > fields[nfields].width) data/montage-6.0+dfsg/Montage/mImgtbl.c:268:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fields[nfields].width = strlen(fields[nfields].name); data/montage-6.0+dfsg/Montage/mImgtbl.c:270:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fields[nfields].name) < 1) data/montage-6.0+dfsg/Montage/mImgtbl.c:276:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fields[nfields].type) < 1) data/montage-6.0+dfsg/Montage/mImgtbl.c:282:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fields[nfields].value, ""); data/montage-6.0+dfsg/Montage/mImgtbl.c:283:17: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(fields[nfields].defval, ""); data/montage-6.0+dfsg/Montage/mImgtbl.c:348:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(pathname) > 1 data/montage-6.0+dfsg/Montage/mImgtbl.c:349:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && pathname[strlen(pathname)-1] == '/') data/montage-6.0+dfsg/Montage/mImgtbl.c:350:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pathname[strlen(pathname)-1] = '\0'; data/montage-6.0+dfsg/Montage/mImgtbl.c:397:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hdrlen = strlen(pathname); data/montage-6.0+dfsg/Montage/mImgtbl.c:399:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(hdrlen && pathname[strlen(pathname) - 1] != '/') data/montage-6.0+dfsg/Montage/mImgtbl.c:464:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str) - 1; data/montage-6.0+dfsg/Montage/mImgtbl.c:497:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(str[strlen(str) - 1] == '\n') data/montage-6.0+dfsg/Montage/mImgtbl.c:498:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
str[strlen(str) - 1] = '\0'; data/montage-6.0+dfsg/Montage/mImgtbl.c:502:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, "\n"); data/montage-6.0+dfsg/Montage/mImgtbl.c:507:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/montage-6.0+dfsg/Montage/mImgtbl.c:572:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(dirname); data/montage-6.0+dfsg/Montage/mMakeHdr.c:338:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[optind + 3] + strlen(argv[optind + 3])) data/montage-6.0+dfsg/Montage/mMakeHdr.c:692:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(csysStr); ++i) data/montage-6.0+dfsg/Montage/mMakeHdr.c:716:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(csysStr[strlen(csysStr)-1] == 'j') data/montage-6.0+dfsg/Montage/mMakeHdr.c:718:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if(csysStr[strlen(csysStr)-1] == 'j') data/montage-6.0+dfsg/Montage/mMakeHdr.c:991:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/Montage/mMakeHdr.c:1253:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(msg, ""); data/montage-6.0+dfsg/Montage/mMakeHdr.c:1440:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(msg, ""); data/montage-6.0+dfsg/Montage/mMakeHdr.c:1445:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(msg) == 0) data/montage-6.0+dfsg/Montage/mMakeHdr.c:1483:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/Montage/mMakeHdr.c:1484:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/Montage/mMakeHdr.c:1495:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
return(strlen(header)); data/montage-6.0+dfsg/Montage/mMakeHdr.c:1533:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/Montage/mMakeHdr.c:1540:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/mMakeHdr.c:1541:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mMakeHdr.c:1543:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/Montage/mMakeHdr.c:1544:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mMakeImg.c:231:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[index]) < 2) data/montage-6.0+dfsg/Montage/mMakeImg.c:536:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(valstr[strlen(valstr)-1] == '\n') data/montage-6.0+dfsg/Montage/mMakeImg.c:538:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). valstr[strlen(valstr)-1] = '\0'; data/montage-6.0+dfsg/Montage/mMakeImg.c:542:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(valstr) > 0) data/montage-6.0+dfsg/Montage/mMakeImg.c:549:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < valstr + (int)strlen(valstr)) data/montage-6.0+dfsg/Montage/mMakeImg.c:1480:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/mMakeImg.c:1481:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mMakeImg.c:1489:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(line); i<80; ++i) data/montage-6.0+dfsg/Montage/mMakeImg.c:1616:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/Montage/mMakeImg.c:1694:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
ch = fgetc(fin); data/montage-6.0+dfsg/Montage/mMakeImg.c:1720:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = fgetc(fin); data/montage-6.0+dfsg/Montage/mOverlaps.c:409:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(input[nimages].fname) > namelen) data/montage-6.0+dfsg/Montage/mOverlaps.c:410:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(input[nimages].fname); data/montage-6.0+dfsg/Montage/mOverlaps.c:441:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/Montage/mOverlaps.c:1046:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/Montage/mOverlaps.c:1047:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/Montage/mOverlaps.c:1058:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/Montage/mProjExec.c:188:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(path, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:189:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(border, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:190:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(scaleCol, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:191:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(weightCol, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:248:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProjExec.c:493:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(weightCol) > 0) data/montage-6.0+dfsg/Montage/mProjExec.c:512:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(scaleCol) > 0) data/montage-6.0+dfsg/Montage/mProjExec.c:580:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(outfile[strlen(outfile) - 1] != '/') data/montage-6.0+dfsg/Montage/mProjExec.c:581:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(outfile, "/"); data/montage-6.0+dfsg/Montage/mProjExec.c:583:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(hdustr, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:719:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(hdustr, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:827:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(wholeStr, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:832:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(wholeStr, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:834:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(hdustr, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:839:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(weightStr, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:874:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(border) == 0) data/montage-6.0+dfsg/Montage/mProjExec.c:972:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(msg) > 30) data/montage-6.0+dfsg/Montage/mProjExec.c:1091:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/Montage/mProjExec.c:1098:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/mProjExec.c:1099:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mProjExec.c:1101:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/Montage/mProjExec.c:1102:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mProjExec.c:1142:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/Montage/mProjExec.c:1143:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/Montage/mProjExec.c:1154:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/Montage/mProject.c:327:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProject.c:358:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProject.c:372:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProject.c:384:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProject.c:409:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/Montage/mProject.c:445:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/Montage/mProject.c:446:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0) data/montage-6.0+dfsg/Montage/mProject.c:447:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/Montage/mProject.c:449:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 5 && data/montage-6.0+dfsg/Montage/mProject.c:450:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/Montage/mProject.c:451:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/Montage/mProject.c:453:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/Montage/mProject.c:454:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0) data/montage-6.0+dfsg/Montage/mProject.c:455:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/Montage/mProject.c:457:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/Montage/mProject.c:458:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0) data/montage-6.0+dfsg/Montage/mProject.c:459:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/Montage/mProject.c:1961:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(header, ""); data/montage-6.0+dfsg/Montage/mProject.c:1968:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/mProject.c:1969:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mProject.c:1971:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/Montage/mProject.c:1972:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mProject.c:2095:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || output.wcs->c1type[strlen(output.wcs->c1type)-1] == 'T') data/montage-6.0+dfsg/Montage/mProject.c:2130:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/Montage/mProject.c:2323:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| input.wcs->c1type[strlen(input.wcs->c1type)-1] == 'T') data/montage-6.0+dfsg/Montage/mProject.c:2430:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/Montage/mProject.c:2431:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/Montage/mProject.c:2442:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/Montage/mProjectCube.c:285:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProjectCube.c:316:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProjectCube.c:328:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProjectCube.c:353:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/Montage/mProjectCube.c:389:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/Montage/mProjectCube.c:390:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0) data/montage-6.0+dfsg/Montage/mProjectCube.c:391:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/Montage/mProjectCube.c:393:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 5 && data/montage-6.0+dfsg/Montage/mProjectCube.c:394:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/Montage/mProjectCube.c:395:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/Montage/mProjectCube.c:397:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/Montage/mProjectCube.c:398:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0) data/montage-6.0+dfsg/Montage/mProjectCube.c:399:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/Montage/mProjectCube.c:401:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/Montage/mProjectCube.c:402:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0) data/montage-6.0+dfsg/Montage/mProjectCube.c:403:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/Montage/mProjectCube.c:2071:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/Montage/mProjectCube.c:2078:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/mProjectCube.c:2079:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mProjectCube.c:2081:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/Montage/mProjectCube.c:2082:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mProjectCube.c:2205:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || output.wcs->c1type[strlen(output.wcs->c1type)-1] == 'T') data/montage-6.0+dfsg/Montage/mProjectCube.c:2240:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/Montage/mProjectCube.c:2457:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || input.wcs->c1type[strlen(input.wcs->c1type)-1] == 'T') data/montage-6.0+dfsg/Montage/mProjectCube.c:2561:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int hlen = strlen(header); data/montage-6.0+dfsg/Montage/mProjectCube.c:2562:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/Montage/mProjectCube.c:2573:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/Montage/mProjectPP.c:294:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(altout, ""); data/montage-6.0+dfsg/Montage/mProjectPP.c:295:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(altin, ""); data/montage-6.0+dfsg/Montage/mProjectPP.c:306:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProjectPP.c:344:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProjectPP.c:358:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProjectPP.c:370:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProjectPP.c:386:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mProjectPP.c:413:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/Montage/mProjectPP.c:447:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/Montage/mProjectPP.c:448:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0) data/montage-6.0+dfsg/Montage/mProjectPP.c:449:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/Montage/mProjectPP.c:451:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if(strlen(output_file) > 5 && data/montage-6.0+dfsg/Montage/mProjectPP.c:452:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/Montage/mProjectPP.c:453:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/Montage/mProjectPP.c:455:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/Montage/mProjectPP.c:456:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0) data/montage-6.0+dfsg/Montage/mProjectPP.c:457:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/Montage/mProjectPP.c:459:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/Montage/mProjectPP.c:460:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0) data/montage-6.0+dfsg/Montage/mProjectPP.c:461:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/Montage/mProjectPP.c:1657:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(headerStr, ""); data/montage-6.0+dfsg/Montage/mProjectPP.c:1664:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/mProjectPP.c:1665:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mProjectPP.c:1667:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/Montage/mProjectPP.c:1668:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mProjectPP.c:1898:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(line); data/montage-6.0+dfsg/Montage/mProjectPP.c:2183:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/Montage/mProjectPP.c:2184:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/Montage/mProjectPP.c:2195:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/Montage/mProjectPP.c:2263:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/montage-6.0+dfsg/Montage/mPutHdr.c:153:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/Montage/mShrink.c:194:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/Montage/mShrink.c:235:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[optind + 2] + strlen(argv[optind + 2])) data/montage-6.0+dfsg/Montage/mShrink.c:1204:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(input.bunit, ""); data/montage-6.0+dfsg/Montage/mShrinkCube.c:165:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(statfile, ""); data/montage-6.0+dfsg/Montage/mShrinkCube.c:180:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/Montage/mShrinkCube.c:191:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || mfactor <= 0) data/montage-6.0+dfsg/Montage/mShrinkCube.c:222:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(statfile) > 0) data/montage-6.0+dfsg/Montage/mShrinkCube.c:239:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[optind + 2] + strlen(argv[optind + 2])) data/montage-6.0+dfsg/Montage/mShrinkCube.c:1293:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(input.bunit, ""); data/montage-6.0+dfsg/Montage/mSubCube.c:110:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(params.dConstraint[0], ""); data/montage-6.0+dfsg/Montage/mSubCube.c:111:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(params.dConstraint[1], ""); data/montage-6.0+dfsg/Montage/mSubCube.c:115:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(statfile, ""); data/montage-6.0+dfsg/Montage/mSubCube.c:154:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[i+1] + strlen(argv[i+1]) || hdu < 0) data/montage-6.0+dfsg/Montage/mSubCube.c:169:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[i+1] + strlen(argv[i+1]) || params.kbegin < 0) data/montage-6.0+dfsg/Montage/mSubCube.c:178:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[i+2] + strlen(argv[i+2]) || params.kend < 0) data/montage-6.0+dfsg/Montage/mSubCube.c:373:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(statfile) > 0) data/montage-6.0+dfsg/Montage/mSubCube.c:439:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[3] + (int)strlen(argv[3])) data/montage-6.0+dfsg/Montage/mSubCube.c:448:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[4] + (int)strlen(argv[4])) data/montage-6.0+dfsg/Montage/mSubCube.c:458:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[5] + (int)strlen(argv[5])) data/montage-6.0+dfsg/Montage/mSubCube.c:469:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[6] + (int)strlen(argv[6])) data/montage-6.0+dfsg/Montage/mSubCube.c:510:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(statfile) > 0) data/montage-6.0+dfsg/Montage/mSubimage.c:170:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[i+1] + strlen(argv[i+1]) || hdu < 0) data/montage-6.0+dfsg/Montage/mSubimage.c:185:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < argv[i+1] + strlen(argv[i+1]) || hdu < 0) data/montage-6.0+dfsg/Montage/mSubimage.c:300:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[3] + (int)strlen(argv[3])) data/montage-6.0+dfsg/Montage/mSubimage.c:309:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[4] + (int)strlen(argv[4])) data/montage-6.0+dfsg/Montage/mSubimage.c:319:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[5] + (int)strlen(argv[5])) data/montage-6.0+dfsg/Montage/mSubimage.c:330:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[6] + (int)strlen(argv[6])) data/montage-6.0+dfsg/Montage/mSubset.c:562:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/Montage/mSubset.c:1011:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/Montage/mSubset.c:1017:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/mSubset.c:1018:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mSubset.c:1020:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/Montage/mSubset.c:1021:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mSubset.c:1135:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/Montage/mSubset.c:1213:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/Montage/mSubset.c:1214:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/Montage/mSubset.c:1225:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/Montage/mTANHdr.c:225:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mTANHdr.c:239:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mTANHdr.c:253:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/Montage/mTANHdr.c:1263:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cdelt1, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1264:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cdelt2, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1265:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(crota2, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1266:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cd11, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1267:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cd12, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1268:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cd21, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1269:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cd22, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1270:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(pc11, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1271:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(pc12, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1272:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(pc21, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1273:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(pc22, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1274:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(epoch, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1275:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(equinox, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1282:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int)strlen(line); data/montage-6.0+dfsg/Montage/mTANHdr.c:1434:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/Montage/mTANHdr.c:1441:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/Montage/mTANHdr.c:1442:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/Montage/mTANHdr.c:1444:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/Montage/mTANHdr.c:1445:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mTANHdr.c:1508:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hlen = strlen(header);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1509:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). clen = strlen(card);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1520:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header));
data/montage-6.0+dfsg/Montage/mTANHdr.c:1561:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, "");
data/montage-6.0+dfsg/Montage/mTANHdr.c:1864:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(header);
data/montage-6.0+dfsg/Montage/mTANHdr.c:1893:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(line) > 0)
data/montage-6.0+dfsg/Montage/mTblSort.c:145:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
while(line[strlen(line) - 1] == '\n'
data/montage-6.0+dfsg/Montage/mTblSort.c:146:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || line[strlen(line) - 1] == '\r')
data/montage-6.0+dfsg/Montage/mTblSort.c:147:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line) - 1] = '\0';
data/montage-6.0+dfsg/Montage/mTileHdr.c:269:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, "");
data/montage-6.0+dfsg/Montage/mTileHdr.c:276:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/Montage/mTileHdr.c:277:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mTileHdr.c:279:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/Montage/mTileHdr.c:280:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mTileHdr.c:319:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hlen = strlen(header);
data/montage-6.0+dfsg/Montage/mTileHdr.c:320:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). clen = strlen(card);
data/montage-6.0+dfsg/Montage/mTileHdr.c:331:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header));
data/montage-6.0+dfsg/Montage/mTileHdr.c:362:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/Montage/mTileHdr.c:363:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mTileHdr.c:365:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/Montage/mTileHdr.c:366:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/mTileHdr.c:396:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(header);
data/montage-6.0+dfsg/Montage/mTileHdr.c:425:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(line) > 0)
data/montage-6.0+dfsg/Montage/mTileImage.c:118:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((head = calloc(strlen(fname) + 1, sizeof(char))) == NULL) {
data/montage-6.0+dfsg/Montage/mTileImage.c:122:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((oname = calloc(strlen(fname)+4, sizeof(char))) == NULL) {
data/montage-6.0+dfsg/Montage/print_rec.c:86:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<=strlen(fields[i].name); ++j)
data/montage-6.0+dfsg/Montage/print_rec.c:118:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<=strlen(fields[i].name); ++j)
data/montage-6.0+dfsg/Montage/projTest.c:144:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg))
data/montage-6.0+dfsg/Montage/projTest.c:156:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i=0; i<strlen(csys); ++i)
data/montage-6.0+dfsg/Montage/projTest.c:202:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg))
data/montage-6.0+dfsg/Montage/projTest.c:216:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg))
data/montage-6.0+dfsg/Montage/projTest.c:230:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg))
data/montage-6.0+dfsg/Montage/projTest.c:447:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, "");
data/montage-6.0+dfsg/Montage/projTest.c:454:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/Montage/projTest.c:455:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/projTest.c:457:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/Montage/projTest.c:458:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/Montage/projTest.c:501:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hlen = strlen(header);
data/montage-6.0+dfsg/Montage/projTest.c:502:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). clen = strlen(card);
data/montage-6.0+dfsg/Montage/projTest.c:513:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header));
data/montage-6.0+dfsg/Montage/projTest.c:551:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, "");
data/montage-6.0+dfsg/Montage/projTest.c:704:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, "");
data/montage-6.0+dfsg/Montage/projTest.c:987:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(header, "");
data/montage-6.0+dfsg/Montage/projTest.c:1173:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(header);
data/montage-6.0+dfsg/Montage/projTest.c:1202:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(line) > 0)
data/montage-6.0+dfsg/Montage/subCube.c:57:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(params->naxis < 3 && strlen(params->dConstraint[0]) > 0)
data/montage-6.0+dfsg/Montage/subCube.c:64:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(params->naxis < 4 && strlen(params->dConstraint[1]) > 0)
data/montage-6.0+dfsg/Montage/subCube.c:611:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). endstr = list + strlen(list);
data/montage-6.0+dfsg/Montage/subCube.c:644:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = begin + strlen(begin) - 1;
data/montage-6.0+dfsg/Montage/subCube.c:652:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = split + strlen(split) - 1;
data/montage-6.0+dfsg/Montage/subCube.c:659:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(ptr < begin + strlen(begin))
data/montage-6.0+dfsg/Montage/subCube.c:670:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(ptr < split + strlen(split))
data/montage-6.0+dfsg/MontageLib/Add/mAdd.c:48:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ".");
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:320:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ".");
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:363:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, "");
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:392:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 &&
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:393:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0)
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:394:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0';
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:396:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 &&
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:397:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0)
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:398:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0';
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:400:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 4 &&
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:401:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0)
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:402:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
output_file[strlen(output_file)-4] = '\0';
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:404:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 4 &&
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:405:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0)
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:406:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0';
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:433:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = ctype + strlen(ctype) - 3;
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:471:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(path) + tbl_rec[ifname].colwd + 16;
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:640:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(filename) > 5 &&
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:641:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(filename+strlen(filename)-5, ".fits", 5) == 0)
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:642:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filename[strlen(filename)-5] = '\0';
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:1996:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(headerStr, "");
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2003:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2004:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2006:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2007:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2015:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i=strlen(line); i<80; ++i)
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2055:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2170:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2171:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card);
data/montage-6.0+dfsg/MontageLib/Add/montageAdd.c:2182:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header));
data/montage-6.0+dfsg/MontageLib/AddCube/mAddCube.c:48:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ".");
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:242:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ".");
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:287:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(returnStruct->msg, "");
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:316:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 &&
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:317:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0)
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:318:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0';
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:320:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 &&
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:321:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0)
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:322:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0';
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:324:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(output_file) > 4 &&
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:325:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0)
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:326:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0';
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:328:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 4 &&
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:329:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0)
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:330:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0';
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:357:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = ctype + strlen(ctype) - 3;
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:403:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(path) + tbl_rec[ifname].colwd + 16;
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:590:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(filename) > 5 &&
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:591:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(filename+strlen(filename)-5, ".fits", 5) == 0)
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:592:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filename[strlen(filename)-5] = '\0';
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2046:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(headerStr, "");
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2053:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2054:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2056:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2057:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2065:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(line); i<80; ++i)
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2105:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line);
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2251:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header);
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2252:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card);
data/montage-6.0+dfsg/MontageLib/AddCube/montageAddCube.c:2263:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header));
data/montage-6.0+dfsg/MontageLib/ArchiveExec/mArchiveExec.c:45:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(path, ".");
data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:72:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ".");
data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:151:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = url+strlen(url)-1;
data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:182:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(filebase); ++i)
data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:188:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(urlbase); ++i)
data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:258:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(file) > 3 && strcmp(file+strlen(file)-3, ".gz") == 0)
data/montage-6.0+dfsg/MontageLib/ArchiveExec/montageArchiveExec.c:258:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(file) > 3 && strcmp(file+strlen(file)-3, ".gz") == 0)
data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:80:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:153:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = fgetc(fromexec); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:202:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(retval) > 0) data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:255:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(begin) > 0 && endptr == end) data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:340:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = fgetc(fromexec); data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:383:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(retval) > 0 && endptr == end) data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:447:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(infile) < 5) data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:450:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strcmp(infile+strlen(infile)-4, ".bz2") != 0) data/montage-6.0+dfsg/MontageLib/ArchiveGet/montageArchiveGet.c:455:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outfile[strlen(outfile)-4] = '\0'; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:106:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:189:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:220:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:221:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:309:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((rc == read (fd, &c, 1)) != 1) data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:346:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(s); data/montage-6.0+dfsg/MontageLib/ArchiveList/montageArchiveList.c:348:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = (unsigned char *) malloc(3 * strlen(s) + 1); data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:88:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end - argv[i+1] < strlen(argv[i+1])) data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:164:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[3] + strlen(argv[3])) data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:172:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[4] + strlen(argv[4])) data/montage-6.0+dfsg/MontageLib/Background/mBackground.c:180:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[5] + strlen(argv[5])) data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:142:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:153:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(input_file) > 5 data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:154:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strcmp(input_file+strlen(input_file)-5, ".fits") == 0) data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:158:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:173:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:174:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/MontageLib/Background/montageBackground.c:175:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/BestImage/mBestImage.c:52:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(statfile) > 0) data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:142:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:390:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:694:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(bestURL, ""); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:717:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:718:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/MontageLib/BestImage/montageBestImage.c:729:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/BgExec/mBgExec.c:51:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, "."); data/montage-6.0+dfsg/MontageLib/BgExec/montageBgExec.c:103:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, "."); data/montage-6.0+dfsg/MontageLib/BgModel/mBgModel.c:59:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:265:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/BgModel/montageBgModel.c:1356:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:56:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ""); data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:98:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(path) > 0) data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:104:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(path, "."); data/montage-6.0+dfsg/MontageLib/CoverageCheck/mCoverageCheck.c:155:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[i] + strlen(argv[i])) data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:227:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ""); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:258:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:432:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmpHeader, ""); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:954:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tval(icrval1)) == 0 data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:955:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| strlen(tval(icrval2)) == 0) data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:975:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(proj, ""); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:978:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ctype1) > 4) data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1038:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmpHeader, ""); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1113:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tval(ira1) ) == 0 data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1114:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec1)) == 0 data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1115:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| strlen(tval(ira2) ) == 0 data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1116:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec2)) == 0 data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1117:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(ira3) ) == 0 data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1118:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec3)) == 0 data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1119:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(ira4) ) == 0 data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1120:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec4)) == 0) data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1466:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tval(icrval1)) == 0 data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1467:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| strlen(tval(icrval2)) == 0) data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1486:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(proj, ""); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1489:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ctype1) > 4) data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1561:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmpHeader, ""); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1586:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(path) > 0) data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1602:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(fullname[strlen(fullname)-1] != '/') data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:1603:25: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(fullname, "/"); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2500:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2501:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/MontageLib/CoverageCheck/montageCoverageCheck.c:2512:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:159:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:212:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:213:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:214:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:235:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(input_file1) > 5 data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:236:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strcmp(input_file1+strlen(input_file1)-5, ".fits") == 0) data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:240:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:256:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(input_file2) > 5 data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:257:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strcmp(input_file2+strlen(input_file2)-5, ".fits") == 0) data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:261:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1499:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1500:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1502:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1503:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1511:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(line); i<80; ++i) data/montage-6.0+dfsg/MontageLib/Diff/montageDiff.c:1541:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/MontageLib/DiffExec/mDiffExec.c:50:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, "."); data/montage-6.0+dfsg/MontageLib/DiffExec/montageDiffExec.c:80:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(path, "."); data/montage-6.0+dfsg/MontageLib/DiffFitExec/mDiffFitExec.c:57:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, "."); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:105:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, "."); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:185:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(diffname[strlen(diffname)-1] != 's') data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:186:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(diffname, "s"); data/montage-6.0+dfsg/MontageLib/DiffFitExec/montageDiffFitExec.c:259:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rmname[strlen(rmname)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:160:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:288:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(proj, ""); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:290:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ctype1) > 5) data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:708:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(montage_json, "{"); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:709:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(montage_msgstr, ""); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1076:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(montage_json, "}"); data/montage-6.0+dfsg/MontageLib/Examine/montageExamine.c:1165:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(file); data/montage-6.0+dfsg/MontageLib/Fitplane/mFitplane.c:73:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/Fitplane/montageFitplane.c:151:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:83:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:95:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:154:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!minflag && end < argv[offset] + strlen(argv[offset])) data/montage-6.0+dfsg/MontageLib/FixNaN/mFixNaN.c:162:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!maxflag && end < argv[offset] + strlen(argv[offset])) data/montage-6.0+dfsg/MontageLib/FixNaN/montageFixNaN.c:172:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/GetHdr/mGetHdr.c:66:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:85:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:224:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=(int)strlen(card)-1; j>=0; --j) data/montage-6.0+dfsg/MontageLib/GetHdr/montageGetHdr.c:253:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = keyword + strlen(keyword); data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:49:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(band2MASS, ""); data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:86:40: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
if(bandStr[0] == 'j') strcpy(band2MASS, "j"); data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:87:40: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else if(bandStr[0] == 'h') strcpy(band2MASS, "h"); data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:88:40: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else if(bandStr[0] == 'k') strcpy(band2MASS, "k"); data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:89:40: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else if(bandStr[0] == 'J') strcpy(band2MASS, "j"); data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:90:40: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else if(bandStr[0] == 'H') strcpy(band2MASS, "h"); data/montage-6.0+dfsg/MontageLib/Hdr/mHdr.c:91:40: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else if(bandStr[0] == 'K') strcpy(band2MASS, "k"); data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:94:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:177:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(sock, request, strlen(request), 0); data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:199:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:200:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:280:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if ((rc == read (fd, &c, 1)) != 1) data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:315:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s); data/montage-6.0+dfsg/MontageLib/Hdr/montageHdr.c:317:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = (unsigned char *) malloc(3 * strlen(s) + 1); data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:46:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(grayfile, ""); data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:86:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:87:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:88:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/MontageLib/Histogram/mHistogram.c:122:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(graylogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:116:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:134:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0) data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:163:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(histfile) == 0) data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:182:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0) data/montage-6.0+dfsg/MontageLib/Histogram/montageHistogram.c:350:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(file); data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:49:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (pathname, ""); data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:50:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (tblname, ""); data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:51:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fieldListFile, ""); data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:52:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(imgListFile, ""); data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:135:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(pathname) > 1 data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:136:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && pathname[strlen(pathname)-1] == '/') data/montage-6.0+dfsg/MontageLib/Imgtbl/mImgtbl.c:137:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pathname[strlen(pathname)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:222:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:261:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(fieldListFile != (char *)NULL && strlen(fieldListFile) > 0) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:271:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while(line[strlen(line)-1] == '\r' data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:272:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:273:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:277:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = line + strlen(line); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:325:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fields[nfields].name) > fields[nfields].width) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:326:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fields[nfields].width = strlen(fields[nfields].name); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:328:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fields[nfields].name) < 1) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:335:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fields[nfields].type) < 1) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:342:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(fields[nfields].value, ""); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:343:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fields[nfields].defval, ""); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:416:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hdrlen = strlen(pathname); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:418:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(hdrlen && pathname[strlen(pathname) - 1] != '/') data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:440:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(imgListFile != (char *)NULL && strlen(imgListFile) > 0) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:545:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(dirname); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:686:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(dirname); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:896:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(*ptr == '\'' && value[strlen(value)-1] == '\'') data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:898:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value[strlen(value)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:902:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ptr) < 8) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:908:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ptr) == 0) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:999:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(*ptr == '\'' && value[strlen(value)-1] == '\'') data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1001:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value[strlen(value)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1005:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ptr) < 8) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1011:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(ptr) == 0) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1062:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fields[i].defval, ""); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1068:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(*ptr == '\'' && value[strlen(value)-1] == '\'') data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1070:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value[strlen(value)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1192:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(hdr_rec->ctype1, ""); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1193:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(hdr_rec->ctype2, ""); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1377:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(*ptr == '\'' && value[strlen(value)-1] == '\'') data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1379:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). value[strlen(value)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1385:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fields[i].value) == 0) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1442:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<=strlen(fields[i].name); ++j) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1474:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<=strlen(fields[i].name); ++j) data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1584:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str) - 1; data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1618:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(str[strlen(str) - 1] == '\n') data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1619:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
str[strlen(str) - 1] = '\0'; data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1623:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, "\n"); data/montage-6.0+dfsg/MontageLib/Imgtbl/montageImgtbl.c:1628:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/montage-6.0+dfsg/MontageLib/MakeHdr/mMakeHdr.c:150:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[optind + 3] + strlen(argv[optind + 3])) data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:245:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:651:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(csysStr); ++i) data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:675:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(csysStr[strlen(csysStr)-1] == 'j') data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:677:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(csysStr[strlen(csysStr)-1] == 'j') data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:950:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1235:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(msg, ""); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1456:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(msg, ""); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1461:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(msg) == 0) data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1550:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1551:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1562:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1600:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1607:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1608:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1610:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/MontageLib/MakeHdr/montageMakeHdr.c:1611:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:43:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outFile, ""); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:44:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(jsonStr, ""); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:45:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(line, ""); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:103:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(jsonStr) > 0) data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:124:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(jsonFile) > 0) data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:134:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(jsonStr, ""); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:143:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line) - 1; data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:160:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(jsonStr, " "); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:186:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cmdstr, ""); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:191:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmdstr, " "); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:193:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmdstr, "\""); data/montage-6.0+dfsg/MontageLib/MakeImg/mMakeImg.c:195:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(cmdstr, "\""); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:246:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:306:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[index]) < 2) data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:385:19: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(coordStr, " "); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:458:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < valstr+strlen(valstr) || noise < 0.) data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:473:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < valstr+strlen(valstr)) data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:488:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < valstr+strlen(valstr)) data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:503:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < valstr+strlen(valstr)) data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:518:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < valstr+strlen(valstr)) data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:682:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(valstr, ""); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:745:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(arrayfile) > 0) data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:863:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(valstr[strlen(valstr)-1] == '\n') data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:865:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). valstr[strlen(valstr)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:869:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(valstr) > 0) data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:876:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < valstr + (int)strlen(valstr)) data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1875:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1876:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:1884:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(line); i<80; ++i) data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2010:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2088:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = fgetc(fin); data/montage-6.0+dfsg/MontageLib/MakeImg/montageMakeImg.c:2114:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = fgetc(fin); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:179:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:348:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(input[nimages].fname) > namelen) data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:349:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(input[nimages].fname); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:380:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:1005:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:1006:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:1017:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/Overlaps/montageOverlaps.c:1037:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(fname); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:62:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, "."); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:63:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(border, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:64:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(scaleCol, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:65:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(weightCol, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/mProjExec.c:122:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:182:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(path, "."); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:197:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:221:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(weightFile, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:231:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(stats) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:260:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(stats) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:341:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(stats) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:356:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(stats) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:365:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(weightCol) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:374:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(stats) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:384:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(scaleCol) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:393:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(stats) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:443:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(outfile[strlen(outfile) - 1] != '/') data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:444:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(outfile, "/"); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:446:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(hdustr, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:460:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(stats) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:751:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(altout, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:771:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(altin, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:791:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(altin, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:792:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(altout, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:843:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(stats) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:865:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(stats) > 0) data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:914:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:921:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:922:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:924:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:925:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:967:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:968:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int clen = strlen(card); data/montage-6.0+dfsg/MontageLib/ProjExec/montageProjExec.c:979:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/Project/mProject.c:56:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(weight_file, ""); data/montage-6.0+dfsg/MontageLib/Project/mProject.c:57:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(borderstr, ""); data/montage-6.0+dfsg/MontageLib/Project/mProject.c:68:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/Project/mProject.c:94:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/Project/mProject.c:106:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/Project/mProject.c:118:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/Project/mProject.c:147:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:342:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:417:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < borderstr + strlen(borderstr)) data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:439:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(weight_file) > 0) data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:458:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:459:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0) data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:460:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:462:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 5 && data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:463:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:464:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:466:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:467:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0) data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:468:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:470:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:471:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0) data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:472:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2180:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2187:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2188:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2190:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2191:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2320:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || output.wcs->c1type[strlen(output.wcs->c1type)-1] == 'T') data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2355:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2561:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || input.wcs->c1type[strlen(input.wcs->c1type)-1] == 'T') data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2668:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2669:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2680:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/Project/montageProject.c:2759:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(str); data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:55:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(weight_file, ""); data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:66:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:92:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:104:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:116:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectCube/mProjectCube.c:141:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:298:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:330:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(weight_file) > 0) data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:349:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:350:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0) data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:351:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:353:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 5 && data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:354:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:355:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:357:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:358:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0) data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:359:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:361:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:362:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0) data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:363:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2194:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2201:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2202:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2204:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2205:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2334:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || output.wcs->c1type[strlen(output.wcs->c1type)-1] == 'T') data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2369:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2605:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || input.wcs->c1type[strlen(input.wcs->c1type)-1] == 'T') data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2706:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2707:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/MontageLib/ProjectCube/montageProjectCube.c:2718:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:59:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(weight_file, ""); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:60:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(borderstr, ""); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:61:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(altout, ""); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:62:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(altin, ""); data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:73:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:107:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:119:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:131:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectPP/mProjectPP.c:160:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:299:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:329:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < borderstr + strlen(borderstr)) data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:351:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(weight_file) > 0) data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:392:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:393:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0) data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:394:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:396:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 5 && data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:397:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:398:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:400:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:401:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0) data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:402:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:404:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:405:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0) data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:406:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1783:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(headerStr, ""); data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1790:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1791:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1793:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:1794:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2027:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2323:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2324:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2335:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/ProjectPP/montageProjectPP.c:2403:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:59:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(weight_file, ""); data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:60:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(borderstr, ""); data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:93:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:105:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:117:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/ProjectQL/mProjectQL.c:150:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:246:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:309:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < borderstr + strlen(borderstr)) data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:331:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(weight_file) > 0) data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:350:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(output_file) > 5 && data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:351:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".FITS", 5) == 0) data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:352:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:354:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 5 && data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:355:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:356:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
output_file[strlen(output_file)-5] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:358:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:359:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".FIT", 4) == 0) data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:360:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:362:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(output_file) > 4 && data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:363:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(output_file+strlen(output_file)-4, ".fit", 4) == 0) data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:364:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). output_file[strlen(output_file)-4] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1400:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1407:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1408:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1410:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1411:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1538:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || output.wcs->c1type[strlen(output.wcs->c1type)-1] == 'T') data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1572:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1776:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| input.wcs->c1type[strlen(input.wcs->c1type)-1] == 'T') data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1880:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1881:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1892:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/ProjectQL/montageProjectQL.c:1973:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/montage-6.0+dfsg/MontageLib/PutHdr/mPutHdr.c:88:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:126:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/PutHdr/montagePutHdr.c:463:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Shrink/mShrink.c:62:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/MontageLib/Shrink/mShrink.c:101:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[optind + 2] + strlen(argv[optind + 2])) data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:180:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Shrink/montageShrink.c:1311:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(input.bunit, ""); data/montage-6.0+dfsg/MontageLib/ShrinkCube/mShrinkCube.c:63:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg) || hdu < 0) data/montage-6.0+dfsg/MontageLib/ShrinkCube/mShrinkCube.c:74:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < optarg + strlen(optarg) || mfactor <= 0) data/montage-6.0+dfsg/MontageLib/ShrinkCube/mShrinkCube.c:113:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[optind + 2] + strlen(argv[optind + 2])) data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:163:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/ShrinkCube/montageShrinkCube.c:1390:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(input.bunit, ""); data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:68:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(d3constraint, ""); data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:69:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(d4constraint, ""); data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:101:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < argv[i+1] + strlen(argv[i+1]) || hdu < 0) data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:119:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[i+1] + strlen(argv[i+1]) || d3begin < 0) data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:128:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[i+2] + strlen(argv[i+2]) || d3end < 0) data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:294:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[3] + (int)strlen(argv[3])) data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:304:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[4] + (int)strlen(argv[4])) data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:315:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[5] + (int)strlen(argv[5])) data/montage-6.0+dfsg/MontageLib/SubCube/mSubCube.c:327:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[6] + (int)strlen(argv[6])) data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:143:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:171:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(params.dConstraint[0], ""); data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:175:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(d3constraint) > 0) data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:223:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(params.dConstraint[1], ""); data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:227:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(d4constraint) > 0) data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:776:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(warning, ""); data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:848:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(params->naxis < 3 && strlen(params->dConstraint[0]) > 0) data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:854:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(params->naxis < 4 && strlen(params->dConstraint[1]) > 0) data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1479:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). endstr = list + strlen(list); data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1512:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = begin + strlen(begin) - 1; data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1520:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = split + strlen(split) - 1; data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1527:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(ptr < begin + strlen(begin)) data/montage-6.0+dfsg/MontageLib/SubCube/montageSubCube.c:1537:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(ptr < split + strlen(split)) data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:89:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < argv[i+1] + strlen(argv[i+1]) || hdu < 0) data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:209:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[3] + (int)strlen(argv[3])) data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:218:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[4] + (int)strlen(argv[4])) data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:228:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[5] + (int)strlen(argv[5])) data/montage-6.0+dfsg/MontageLib/Subimage/mSubimage.c:239:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[6] + (int)strlen(argv[6])) data/montage-6.0+dfsg/MontageLib/Subimage/montageSubimage.c:195:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:195:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(returnStruct->msg, ""); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:531:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:995:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1002:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1003:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1005:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1006:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1121:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(line); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1198:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1199:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/MontageLib/Subset/montageSubset.c:1210:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/TANHdr/mTANHdr.c:99:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/TANHdr/mTANHdr.c:113:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/TANHdr/mTANHdr.c:127:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:215:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
  strcpy(returnStruct->msg, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1239:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(cdelt1, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1240:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(cdelt2, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1241:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(crota2, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1242:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(cd11, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1243:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(cd12, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1244:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(cd21, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1245:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(cd22, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1246:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(pc11, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1247:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(pc12, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1248:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(pc21, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1249:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(pc22, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1250:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(epoch, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1251:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(equinox, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1258:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (int)strlen(line);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1410:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(header, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1417:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1418:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1420:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1421:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1490:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hlen = strlen(header);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1491:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  clen = strlen(card);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1502:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(strlen(header));
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1541:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(header, "");
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1844:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(header);
data/montage-6.0+dfsg/MontageLib/TANHdr/montageTANHdr.c:1873:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(line) > 0)
data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:44:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(statfile, "");
data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:58:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(statfile) > 0)
data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:81:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end - argv[i+1] < strlen(argv[i+1]))
data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:140:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[3] + (int)strlen(argv[3]))
data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:152:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[4] + (int)strlen(argv[4]))
data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:164:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[5] + (int)strlen(argv[5]))
data/montage-6.0+dfsg/MontageLib/Transpose/mTranspose.c:176:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < argv[6] + (int)strlen(argv[6]))
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:150:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(returnStruct->msg, "");
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1026:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(newcard) > 0)
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1342:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(retstr, "");
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1368:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(keyname) != strlen(wcskey))
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1368:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(keyname) != strlen(wcskey))
data/montage-6.0+dfsg/MontageLib/Transpose/montageTranspose.c:1373:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(j=0; j<strlen(keyname); ++j)
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:46:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(outFile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:47:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(fontFile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:48:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(jsonStr, "");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:49:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(jsonFile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:50:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(line, "");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:138:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(jsonStr) > 0)
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:159:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(jsonFile) > 0)
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:169:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(jsonStr, "");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:178:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(line) - 1;
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:195:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(jsonStr, " ");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:221:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(cmdstr, "");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:226:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(cmdstr, " ");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:228:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(cmdstr, "\"");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer.c:230:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(cmdstr, "\"");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:851:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label, "");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:888:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr = sstr + strlen(sstr) - 1;
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:911:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, "-");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:913:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, "+");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:916:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, "d");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:918:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(mstr) > 0)
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:920:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, " ");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:922:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, "m");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:924:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if(strlen(sstr) > 0)
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:928:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(sstr) > 0)
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:930:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, " ");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:932:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, "s");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:958:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(label, "");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:991:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr = sstr + strlen(sstr) - 1;
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1016:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, "h");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1018:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, "d");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1020:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(mstr) > 0)
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1022:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, " ");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1024:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, "m");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1026:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if(strlen(sstr) > 0)
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1030:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(sstr) > 0)
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1032:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, " ");
data/montage-6.0+dfsg/MontageLib/Viewer/mViewer_grid.c:1034:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(label, "s");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:606:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(returnStruct->msg, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:622:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(fontFile) > 0)
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:632:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(fontfile[strlen(fontfile)-1] != '/')
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:633:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(fontfile, "/");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:658:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(symSizeColumn, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:659:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(symShapeColumn, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:660:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(scaleColumn, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:661:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(labelColumn, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:662:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(colorColumn, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:673:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(statusfile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:674:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(grayfile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:675:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(redfile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:676:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(greenfile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:677:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(bluefile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:678:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(pngfile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:679:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(jpegfile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:680:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(grayhistfile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:681:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(redhistfile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:682:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(greenhistfile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:683:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(bluehistfile, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:733:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(layout, "");
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:766:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < valstr+strlen(valstr))
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:792:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(fontScale <= 0. || end < valstr+strlen(valstr))
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:806:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(colortable < 0 || colortable > 11 || end < valstr+strlen(valstr))
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:820:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(truecolor <= 1. || truecolor > 4. || end < valstr+strlen(valstr))
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:858:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(grayfile) > 0)
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:883:69: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(colortable < 0 || colortable > 11 || end < valstr+strlen(valstr))
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:901:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(valstr) > 1
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:902:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  && ( valstr[strlen(valstr)-1] == 'g'
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:903:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || valstr[strlen(valstr)-1] == 'l'))
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:931:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(graylogpower < 0 || end < valstr + strlen(valstr))
data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:963:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(redfile) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:994:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(valstr) > 1 data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:995:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( valstr[strlen(valstr)-1] == 'g' data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:996:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || valstr[strlen(valstr)-1] == 'l')) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1024:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(redlogpower < 0 || end < valstr + strlen(valstr)) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1056:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(greenfile) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1087:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(valstr) > 1 data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1088:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
&& ( valstr[strlen(valstr)-1] == 'g' data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1089:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || valstr[strlen(valstr)-1] == 'l')) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1117:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(greenlogpower < 0 || end < valstr + strlen(valstr)) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1149:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(bluefile) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1180:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(valstr) > 1 data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1181:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( valstr[strlen(valstr)-1] == 'g' data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1182:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || valstr[strlen(valstr)-1] == 'l')) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1210:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(bluelogpower < 0 || end < valstr + strlen(valstr)) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1294:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(grid[ngrid].fontscale <= 0. || end < valstr+strlen(valstr)) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1367:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cat[ncat].scaleColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1413:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = valstr + strlen(valstr) - 1; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1434:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (valstr + (int)strlen(valstr))) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1452:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cat[ncat].symSizeColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1459:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(cat[ncat].symShapeColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1466:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cat[ncat].labelColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1473:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cat[ncat].colorColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1616:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = valstr + strlen(valstr) - 1; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1637:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (valstr + (int)strlen(valstr))) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1680:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(label[nlabel].fontscale <= 0. || end < valstr+strlen(valstr)) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1775:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(fontScale <= 0. 
|| end < argv[i+1]+strlen(argv[i+1])) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1813:69: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(truecolor < 1. || truecolor > 4. || end < argv[i+1]+strlen(argv[i+1])) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:1827:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(colorColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2006:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = argv[i+1] + strlen(argv[i+1]) - 1; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2028:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (argv[i+1] + (int)strlen(argv[i+1]))) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2127:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (argv[i+1] + (int)strlen(argv[i+1]))) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2151:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < (argv[i+1] + (int)strlen(argv[i+1])) || symNPnt < 3) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2163:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (argv[i+1] + (int)strlen(argv[i+1]))) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2184:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(scaleColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2230:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(colorColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2254:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(symSizeColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2278:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(symShapeColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2302:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(labelColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2438:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cat[ncat].scaleColumn , ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2457:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cat[ncat].labelColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2458:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cat[ncat].symSizeColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2459:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cat[ncat].symShapeColumn, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2479:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(colortable < 0 || colortable > 11 || end < argv[i+1]+strlen(argv[i+1])) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2547:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2548:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2549:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2589:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(graylogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2677:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2678:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2679:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2719:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(redlogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2806:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2807:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2808:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2848:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(greenlogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2934:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2935:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2936:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:2976:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(bluelogpower < 0. || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3067:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0 && strlen(greenfile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3067:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0 && strlen(greenfile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3189:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(redfile) > 0 data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3190:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(greenfile) > 0 data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3191:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(bluefile) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3197:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(redfile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3203:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(greenfile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3209:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(bluefile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3217:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3225:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(pngfile) == 0 data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3226:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strlen(jpegfile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3258:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(redfile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3264:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(greenfile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3270:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(bluefile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3528:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(bunit, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3728:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(redhistfile) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3777:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(greenhistfile) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:3826:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(bluehistfile) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:4425:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:4442:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(bunit, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:4637:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayhistfile) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5024:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cat[i].scaleColumn) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5042:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cat[i].colorColumn) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5060:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cat[i].symSizeColumn) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5078:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cat[i].symShapeColumn) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5096:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cat[i].labelColumn) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5172:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ptr = symbolstr + strlen(symbolstr) - 1; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5196:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (symbolstr + (int)strlen(symbolstr)) || symSize <= 0.) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5305:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(labelstr) > 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5350:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cat[i].colorColumn); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:5494:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(im_header, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6017:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (cmdv[i] + (int)strlen(cmdv[i]))) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6038:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (cmdv[i] + (int)strlen(cmdv[i])) || *symNPnt < 3) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6047:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < (cmdv[i] + (int)strlen(cmdv[i]))) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6077:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(colorstr) == 6 && mViewer_hexVal(colorstr[0]) >= 0) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6079:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(colorstr); ++j) data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6237:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hlen = strlen(header); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6238:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). clen = strlen(card); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6249:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:6290:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(file); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7212:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
end = ptr + strlen(header); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7214:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(comment, ""); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7275:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(comment, "\n"); data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7277:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). count += strlen(line) + 1; data/montage-6.0+dfsg/MontageLib/Viewer/montageViewer.c:7370:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(comment, ""); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWT.c:139:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *level = strlen(id); data/montage-6.0+dfsg/MontageLib/WWT/mHdrWWTExec.c:108:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(hdrStr, ""); data/montage-6.0+dfsg/MontageLib/WWT/mPNGWWTExec.c:292:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tileStr, ""); data/montage-6.0+dfsg/MontageLib/WWT/mProjWWTExec.c:140:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tileStr, ""); data/montage-6.0+dfsg/MontageLib/mJupyter.c:83:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(template[strlen(template)-1] == '\n') data/montage-6.0+dfsg/MontageLib/mJupyter.c:84:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). template[strlen(template)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/mJupyter.c:166:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(code[strlen(code)-1] == '\n') data/montage-6.0+dfsg/MontageLib/mJupyter.c:167:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). code[strlen(code)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/mJupyter.c:185:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(code[strlen(code)-1] == '\n') data/montage-6.0+dfsg/MontageLib/mJupyter.c:186:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). code[strlen(code)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/mJupyter.c:237:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(code[strlen(code)-1] == '\n') data/montage-6.0+dfsg/MontageLib/mJupyter.c:238:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). code[strlen(code)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/mJupyter.c:255:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(code[strlen(code)-1] == '\n') data/montage-6.0+dfsg/MontageLib/mJupyter.c:256:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). code[strlen(code)-1] = '\0'; data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:203:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(mHeader, ""); data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:255:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  if(tmpstr[strlen(tmpstr)-1] == '\'')
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:256:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmpstr[strlen(tmpstr)-1] = '\0';
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:314:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[(int)strlen(line)-1] == '\n')
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:315:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[(int)strlen(line)-1] = '\0';
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:317:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[(int)strlen(line)-1] == '\r')
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:318:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[(int)strlen(line)-1] = '\0';
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:322:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if((int)strlen(line) > 80)
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:328:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (int)strlen(pline);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:361:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if((int)strlen(mHeader) + 160 > maxhdr)
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:463:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(ctype1) < 8)
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:469:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(ctype2) < 8)
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:485:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(ptr1) == 0
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:486:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || strlen(ptr2) == 0)
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:500:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(ptr1) != 3)
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:506:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(ptr2) != 3)
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:589:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:613:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:632:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:651:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:685:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:698:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:711:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:724:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:737:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:750:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:761:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:774:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:787:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:800:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:813:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:824:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:835:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:846:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:857:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:868:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end < value + (int)strlen(value))
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:889:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int hlen = (int)strlen(header);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:890:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int clen = (int)strlen(card);
data/montage-6.0+dfsg/MontageLib/util/checkHdr.c:901:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return((int)strlen(header));
data/montage-6.0+dfsg/MontageLib/util/debugCheck.c:30:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end - debugStr < (int)strlen(debugStr))
data/montage-6.0+dfsg/MontageLib/util/filePath.c:44:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(fname) >= 2 && strncmp(fname, "./", 2) == 0)
data/montage-6.0+dfsg/MontageLib/util/filePath.c:53:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(base);
data/montage-6.0+dfsg/MontageLib/util/filePath.c:58:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(base, "/");
data/montage-6.0+dfsg/MontageLib/util/filePath.c:84:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(fname);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:281:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(workspace, "");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:282:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(savefile, "");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:283:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(hdrfile, "");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:284:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(hdrtext, "");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:352:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(workspace) == 0)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:364:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(temp[strlen(temp)-1] != '/')
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:365:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(temp, "/");
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:367:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(workspace) == 0)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:368:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  temp[strlen(temp)-1] = '\0';
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:375:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=0; i<strlen(workspace); ++i)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:451:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(hdrfile) > 0)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:497:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(hdrtext) == 0)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:515:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while(hdrtext[strlen(hdrtext)-1] == '\n'
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:516:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  || hdrtext[strlen(hdrtext)-1] == '\r')
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:517:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hdrtext[strlen(hdrtext)-1] = '\0';
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:521:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(j=0; j<strlen(hdrtext); ++j)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:527:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(outstr) > 0)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:571:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fprintf(fmsg, "hdrtext = %lu characters\n", strlen(hdrtext));
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:661:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(temp[strlen(temp)-1] == '\n')
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:662:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  temp[strlen(temp)-1] = '\0';
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:911:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gpfsname[strlen(gpfsname)-3] = '\0';
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1158:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(outfile) > 3 && strcmp(outfile+strlen(outfile)-3, ".gz") == 0)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1158:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(outfile) > 3 && strcmp(outfile+strlen(outfile)-3, ".gz") == 0)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1159:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  *(outfile+strlen(outfile)-3) = '\0';
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1323:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(msg) > 30)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1600:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  areafile[strlen(areafile) - 5] = '\0';
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1821:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  areafile[strlen(areafile) - 5] = '\0';
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:1966:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(savefile) > 0)
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2035:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  areafile[strlen(areafile) - 5] = '\0';
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2087:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  areafile[strlen(areafile) - 5] = '\0';
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2461:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int hlen = strlen(header);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2462:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int clen = strlen(card);
data/montage-6.0+dfsg/grid/Globus/ExecTG/mExecTG.c:2473:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(strlen(header));
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:86:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send(socket, request, strlen(request), 0);
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:115:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=0; i<strlen(result); ++i)
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:193:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(s);
data/montage-6.0+dfsg/grid/Globus/NotifyTG/mNotifyTG.c:195:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = (unsigned char *) malloc(3 * strlen(s) + 1);
data/montage-6.0+dfsg/grid/Pegasus/hashtable.c:250:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hashtable->subkey = malloc(strlen(key)+1);
data/montage-6.0+dfsg/grid/Pegasus/mConcatFit.c:200:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(statfile, "/");
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:230:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=0; i<strlen(timestr); ++i)
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:944:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname)-5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:997:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname)-5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1048:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname)-5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1180:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1254:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  plusname [strlen(plusname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1255:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  minusname[strlen(minusname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1257:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1428:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1534:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1590:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1672:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:1737:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2037:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2038:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2161:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(header, "");
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2175:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2176:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2178:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\r')
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2179:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2265:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hlen = strlen(header);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2266:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  clen = strlen(card);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2277:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return(strlen(header));
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2343:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send(socket, request, strlen(request), 0);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2395:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  endPtr = result + strlen(result);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2511:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(s);
data/montage-6.0+dfsg/grid/Pegasus/mDAG.c:2513:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = (unsigned char *) malloc(3 * strlen(s) + 1);
data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:116:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send(socket, request, strlen(request), 0);
data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:208:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(s);
data/montage-6.0+dfsg/grid/Pegasus/mDAGFiles.c:210:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str = (unsigned char *) malloc(3 * strlen(s) + 1);
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:205:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=0; i<strlen(timestr); ++i)
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:640:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname)-5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:693:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname)-5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:744:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname)-5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:831:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:904:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  plusname [strlen(plusname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:905:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  minusname[strlen(minusname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:907:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1078:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1176:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1245:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname[strlen(fname) - 5] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1408:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1409:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1532:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(header, "");
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1546:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1547:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1549:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1550:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1636:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hlen = strlen(header); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1637:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). clen = strlen(card); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1648:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1714:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1766:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
endPtr = result + strlen(result); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1882:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s); data/montage-6.0+dfsg/grid/Pegasus/mDAGGalacticPlane.c:1884:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = (unsigned char *) malloc(3 * strlen(s) + 1); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:325:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(input.fname) > namelen) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:326:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). namelen = strlen(input.fname); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:560:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:598:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(input.fname) > namelen) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:599:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
namelen = strlen(input.fname); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:843:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ofile) > 3 && strcmp(ofile+strlen(ofile)-3, ".gz") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:843:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ofile) > 3 && strcmp(ofile+strlen(ofile)-3, ".gz") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:844:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-3] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:846:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 2 && strcmp(ofile+strlen(ofile)-2, ".Z") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:846:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 2 && strcmp(ofile+strlen(ofile)-2, ".Z") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:847:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-2] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:849:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if(strlen(ofile) > 2 && strcmp(ofile+strlen(ofile)-2, ".z") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:849:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 2 && strcmp(ofile+strlen(ofile)-2, ".z") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:850:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-2] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:852:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 4 && strcmp(ofile+strlen(ofile)-4, ".zip") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:852:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 4 && strcmp(ofile+strlen(ofile)-4, ".zip") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:853:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-4] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:855:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 2 && strcmp(ofile+strlen(ofile)-2, "-z") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:855:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if(strlen(ofile) > 2 && strcmp(ofile+strlen(ofile)-2, "-z") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:856:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-2] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:858:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 3 && strcmp(ofile+strlen(ofile)-3, "-gz") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:858:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 3 && strcmp(ofile+strlen(ofile)-3, "-gz") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:859:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-3] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:864:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ofile) > 5 && strcmp(ofile+strlen(ofile)-5, ".fits") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:864:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ofile) > 5 && strcmp(ofile+strlen(ofile)-5, ".fits") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:865:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ofile[strlen(ofile)-5] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:867:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 5 && strcmp(ofile+strlen(ofile)-5, ".FITS") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:867:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 5 && strcmp(ofile+strlen(ofile)-5, ".FITS") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:868:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-5] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:870:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 4 && strcmp(ofile+strlen(ofile)-4, ".fit") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:870:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 4 && strcmp(ofile+strlen(ofile)-4, ".fit") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:871:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-4] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:873:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if(strlen(ofile) > 4 && strcmp(ofile+strlen(ofile)-4, ".FIT") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:873:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 4 && strcmp(ofile+strlen(ofile)-4, ".FIT") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:874:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-4] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:876:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 4 && strcmp(ofile+strlen(ofile)-4, ".fts") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:876:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 4 && strcmp(ofile+strlen(ofile)-4, ".fts") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:877:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-4] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:879:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(ofile) > 4 && strcmp(ofile+strlen(ofile)-4, ".FTS") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:879:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if(strlen(ofile) > 4 && strcmp(ofile+strlen(ofile)-4, ".FTS") == 0) data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:880:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ofile[strlen(ofile)-4] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:1005:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:1012:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:1013:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:1015:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:1016:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:1112:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int hlen = strlen(header); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:1113:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/grid/Pegasus/mDAGTbls.c:1124:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/grid/Pegasus/mDiffFit.c:113:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:122:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:159:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(server, urlPtr+11,u2 - urlPtr - 11); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:165:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(portStr, u2+1, u3 - u2 - 1); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:173:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(base, u3, u4-u3); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:203:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:206:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:209:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:212:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:215:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:218:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:221:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:224:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:227:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:230:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:233:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:248:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:251:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:254:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:257:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:260:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:291:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(message, urlPtr+10, u2 - urlPtr - 10); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:320:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(jobid,urlPtr+7,u2 - urlPtr - 7); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:394:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s); data/montage-6.0+dfsg/grid/Pegasus/mGridExec.c:396:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = (unsigned char *) malloc(3 * strlen(s) + 1); data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:90:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:128:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(result); ++i) data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:200:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(s); data/montage-6.0+dfsg/grid/Pegasus/mNotify.c:202:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = (unsigned char *) malloc(3 * strlen(s) + 1); data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:60:23: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if(band[0] == 'j') strcpy(band, "J"); data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:61:23: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if(band[0] == 'h') strcpy(band, "H"); data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:64:23: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if(band[0] == 'J') strcpy(band, "J"); data/montage-6.0+dfsg/grid/Pegasus/mPresentation.c:65:23: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if(band[0] == 'H') strcpy(band, "H"); data/montage-6.0+dfsg/grid/Pegasus/nDiffFit.c:106:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/lib/src/cmd/cmd.c:89:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen (cmd); data/montage-6.0+dfsg/lib/src/coord/ccalc.c:597:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( (tmp = (char *)malloc(strlen(string)+1)) == (char *)NULL) data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:58:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(cmd); ++i) data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:69:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(cmd); ++i) data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:77:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(cmd); ++i) data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:135:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(lonstr, ""); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:136:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(latstr, ""); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:158:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(cmdv[i]); ++j) data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:200:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(cmdv[i]); ++j) data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:246:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(cmdv[i]); ++j) data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:298:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(lonstr, " "); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:319:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(latstr, " "); data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:328:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| strlen(lonstr) == 0 data/montage-6.0+dfsg/lib/src/coord/parseCoordinateString.c:329:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(latstr) == 0) data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:59:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmph , "0"); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:60:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmpm , "0"); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:61:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmps , "0"); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:69:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). leng = strlen(crain); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:90:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). leng = strlen(crain); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:262:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
testlen = strlen(teststr); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:266:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(teststr); ++i) data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:270:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end == teststr + testlen && strlen(teststr) < 5) data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:283:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmpd , "0"); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:284:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmpm , "0"); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:285:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmps , "0"); data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:293:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  leng = strlen(cdecin);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:313:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  leng = strlen(cdecin);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:478:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  testlen = strlen(teststr);
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:482:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i=0; i<strlen(teststr); ++i)
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:486:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(end == teststr + testlen && strlen(teststr) < 5)
data/montage-6.0+dfsg/lib/src/coord/sexToDecimalDegree.c:527:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(s);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:27:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  inlen = strlen(instr);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:69:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (int)strlen(instr);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:103:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  end = p + strlen(p) - 1;
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:142:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (int)strlen(p);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:194:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sb = json_stripblanks(sb, strlen(sb), 0);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:211:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  se = sb + strlen(sb);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:269:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  key = json_stripblanks(key, strlen(key), 1);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:272:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  val = json_stripblanks(val, strlen(val), 1);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:286:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  key = json_stripblanks(key, strlen(key), 1);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:437:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  inlen = strlen(structstr);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:450:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(subkey);
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:462:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(subkey[strlen(subkey) - 1] == ']')
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:463:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  subkey[strlen(subkey) - 1] = '\0';
data/montage-6.0+dfsg/lib/src/json/jsonlib.c:476:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(tail);
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:322:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t insize = strlen(in), i = 0;
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:2400:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(type) != 4) return 0;
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:4879:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t i, textsize = strlen(textstring);
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:4906:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t i, textsize = strlen(textstring);
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:5629:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(info.text_keys[i]) > 79)
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:5634:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(info.text_keys[i]) < 1)
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:5668:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(info.itext_keys[i]) > 79)
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:5673:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(info.itext_keys[i]) < 1)
data/montage-6.0+dfsg/lib/src/lodepng_20140823/lodepng.c:5896:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if(size > 0) file.read((char*)(&buffer[0]), size);
data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:884:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen (cdpath) + 32;
data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:925:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (actfile) < 24)
data/montage-6.0+dfsg/lib/src/montage_wcs/actread.c:928:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isfil, actfile, 23);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:133:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltstr = (int) strlen (tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:137:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:276:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltstr = (int) strlen (tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:280:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:329:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltstr = (int) strlen (tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/ang2str.c:333:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:349:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:383:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:417:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:629:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:944:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (str) < 64) {
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:955:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (str) < 64) {
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:966:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (str) < 64) {
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:977:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (str) < 64) {
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:988:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (str) < 64) {
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:998:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (str) < 64)
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1021:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (binpath, "/");
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1040:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nr = (int) read (fcat, sc, 28);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1134:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (binfile) < 24)
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1137:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isfil, binfile, 23);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1145:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lf = strlen (binfile);
data/montage-6.0+dfsg/lib/src/montage_wcs/binread.c:1295:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((int)read (sc->entadd, sc->catline, sc->nbent) < 1)
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:492:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (refcatname) < 1)
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:767:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (refcatname);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:960:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = (strlen (progpath0) + 2) / 8;
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:965:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = strlen (progpath); i > -1; i--) {
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1190:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lnum = strlen (numstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1193:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (numstr, " ");
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:1858:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2000:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (dateform == EP_FD && strlen (temp1) > 10)
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2002:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (dateform == EP_ISO && strlen (temp1) > 16)
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2454:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (string == NULL || strlen (string) == 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2459:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2627:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lastring = string + strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2630:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (keyword,keyword0, sizeof(keyword)-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2639:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2769:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/catutil.c:2989:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (headline," ");
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:390:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:428:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:467:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:715:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:902:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1251:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (catpath, "/");
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1289:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (catname) < 24)
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1292:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isfil, catname, 23);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1322:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (header, sc->catbuff+2, lhead-2);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1326:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (header, sc->catbuff+1, lhead-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1330:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (header, sc->catbuff, lhead);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1468:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isname, catdesc+2, ldesc-2);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1472:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isname, catdesc+1, ldesc-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1476:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isname, catdesc, ldesc);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1659:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (st->objname, token, 31);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1867:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (st->objname, token, 79);
data/montage-6.0+dfsg/lib/src/montage_wcs/ctgread.c:1996:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (value) > 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:2745:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lfd = strlen (fdate);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil.c:2747:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (thms, fdate+11, nbc);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:2650:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lfd = strlen (fdate);
data/montage-6.0+dfsg/lib/src/montage_wcs/dateutil0.c:2652:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (thms, fdate+11, nbc);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:210:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lctype = strlen (str);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:217:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lctype = strlen (str);
data/montage-6.0+dfsg/lib/src/montage_wcs/distort.c:364:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lctype = strlen (ctype);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:273:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (filepath, "/");
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:305:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (filepath, "/");
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:361:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((strlen(line)==1) && (line[0]<32)){
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:365:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lastchar = line + strlen (line) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:371:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return (strlen (line));
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:397:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((strlen(token)==1) && (token[0]<32)){
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:401:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lastchar = token + strlen (token) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:426:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:447:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:485:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (diskfile, keyword, 4);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:530:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (diskfile, keyword, 2);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:568:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (diskfile, keyword, 6);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:608:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tokens->lline = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:617:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  naddw = strlen (cwhite);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:785:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (token, tokens->tok1[it], ltok);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:815:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (token, tokens->tok1[it], ltok);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:823:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (token, tokens->tok1[-it], ltok);
data/montage-6.0+dfsg/lib/src/montage_wcs/fileutil.c:829:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (token, tokens->tok1[1], ltok);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:218:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (fd, fitsbuf, nbytes);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:287:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (headnext, fitsbuf, nbr);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:429:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (fd, fitsbuf, nbytes);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:499:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (header, "SIMPLE ", 8);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:536:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (headend, pheader, lprim);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:613:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (fd, header, nbytes);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:754:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbread = read (fd, imline, nbline);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:831:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbread = read (fd, image, nbytes);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:873:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbread = read (fd, imleft, nbleft);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:950:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbread = read (fd, image, nbytes);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:988:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbread = read (fd, imleft, nbleft);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1111:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (temp) == 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1176:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (temp) == 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1236:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pw[ifield].lname = strlen (pw[ifield].kname);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1257:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltform = strlen (tform);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1357:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (fd, tbuff, nbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1370:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, tbuff, nbline);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1375:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, tbuff1, nbline);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1557:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, entry+kw->kf, length);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:1924:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (fdin, image, nbbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:2049:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (lasthead-80, "END", 3);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:2058:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (oldheader, header, nbnew);
data/montage-6.0+dfsg/lib/src/montage_wcs/fitsfile.c:2131:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nbr = read (diskfile, keyword, 8);
data/montage-6.0+dfsg/lib/src/montage_wcs/fortwcs.c:371:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (coorsys, getwcsout (wcs), nc);
data/montage-6.0+dfsg/lib/src/montage_wcs/fortwcs.c:419:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (coorsys, getwcsin (wcs), nc);
data/montage-6.0+dfsg/lib/src/montage_wcs/fortwcs.c:443:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (coorsys, getradecsys (wcs), nc);
data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:131:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tabtable->tabdata == NULL || strlen (tabtable->tabdata) == 0 ||
data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:255:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (databuff) + (2 * lhead);
data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:282:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (databuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/gsc2read.c:318:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tsvbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:248:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  kw[ik].lname = (int) strlen (kw[ik].kname);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:628:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  kw[ik].lname = (int) strlen (kw[ik].kname);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:908:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  kw[ik].lname = (int) strlen (kw[ik].kname);
data/montage-6.0+dfsg/lib/src/montage_wcs/gscread.c:1171:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rkw[i].lname = strlen (rkw[i].kname);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:134:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:169:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:171:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (val, value, VLENGTH);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:227:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:229:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (val, value, VLENGTH);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:283:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:285:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (val, value, VLENGTH);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:387:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:420:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:422:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (val, value, VLENGTH);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:467:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:469:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (val, value, VLENGTH);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:700:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:704:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (stri, value, lstri-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:751:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:781:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:785:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (str, value, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:818:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nchar = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:877:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (keyword,keyword0, sizeof(keyword)-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:900:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line,vpos,80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1042:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (brack1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1114:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1220:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1325:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1349:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (value) > 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1380:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ls1 = strlen (s1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1404:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ls2 = strlen (s2);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1458:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ls1 = strlen ((char *) s1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1484:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ls2 = strlen (s2);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1608:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1683:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1719:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strend = string + strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1721:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strend = str + strlen (str) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1726:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strend = string + strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1736:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1748:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1775:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1788:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hget.c:1795:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:151:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = (int) strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:225:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = (int) strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:256:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (value, "T");
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:258:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (value, "F");
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:283:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkw = (int) strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:294:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lroot = (int) strlen (keyroot);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:304:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcv = (int) strlen (cval);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:307:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (newkey, "_");
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:363:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkeyword = (int) strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:369:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcval = (int) strlen (cval);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:375:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (&value[1],cval,lcval);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:412:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkeyword = (int) strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:413:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = (int) strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:442:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, v1, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:448:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1,keyword,7);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:460:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1+9,value,lv1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:491:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, ve, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:509:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, v1, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:528:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (newcom, c1+2, lcom);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:544:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1, keyword, lkeyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:553:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (vp, value, lval);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:561:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (vp, value, lval);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:578:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (vp, newcom, lcom);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:611:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkeyword = (int) strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:613:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcom = (int) strlen (comment);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:635:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, v1, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:640:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1, keyword, lkeyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:663:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, v1, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:708:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (c0, " / ",3);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:719:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (c1, comment, lcom);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:778:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v, v2, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:819:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, v, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:823:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = (int) strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:824:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (hplace, keyword, lkey);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:861:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lv2 = (int) strlen (keyword2);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1006:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltstr = (int) strlen (tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1010:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1149:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltstr = (int) strlen (tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1153:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1202:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltstr = (int) strlen (tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput.c:1206:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:151:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = (int) strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:225:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstr = (int) strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:256:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (value, "T");
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:258:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (value, "F");
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:283:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkw = (int) strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:292:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lroot = (int) strlen (keyroot);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:302:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcv = (int) strlen (cval);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:305:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (newkey, "_");
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:361:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkeyword = (int) strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:367:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcval = (int) strlen (cval);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:373:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (&value[1],cval,lcval);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:410:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkeyword = (int) strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:411:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = (int) strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:440:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, v1, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:446:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1,keyword,7);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:458:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1+9,value,lv1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:489:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, ve, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:507:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, v1, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:522:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (newcom, c1+2, lcom);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:538:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1, keyword, lkeyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:547:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (vp, value, lval);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:555:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (vp, value, lval);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:572:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (vp, newcom, lcom);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:603:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkeyword = (int) strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:605:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcom = (int) strlen (comment);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:627:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, v1, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:632:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v1, keyword, lkeyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:655:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, v1, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:673:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (c0, " / ",3);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:684:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (c1, comment, lcom);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:743:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v, v2, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:784:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (v2, v, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:788:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = (int) strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:789:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (hplace, keyword, lkey);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:826:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lv2 = (int) strlen (keyword2);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:971:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltstr = (int) strlen (tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:975:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1114:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltstr = (int) strlen (tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1118:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1167:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltstr = (int) strlen (tstring);
data/montage-6.0+dfsg/lib/src/montage_wcs/hput1.c:1171:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (string, tstring, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:331:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:335:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (str, value, lstr-1);
data/montage-6.0+dfsg/lib/src/montage_wcs/iget.c:466:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:390:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (filename) > 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/imgetwcs.c:698:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  { dateobs0 = calloc (strlen (dateobs), sizeof (char));
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:277:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpname = strlen (pixname);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:293:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (newpixname);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:507:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  (void)strncpy (endline,"END", 3);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:553:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fitsheader, endline, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:629:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((lstr = strlen (objname)) < 8) {
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:678:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (hdrname);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:784:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fhead, fitsline, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:796:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fhead, fitsline, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:826:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fhead, fitsline, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:837:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fhead, fitsline, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:853:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fhead, endline, 80);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:861:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (endline," ",3);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:863:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (fp, endline,80);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1043:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (newpixname, hdrname, SZ_IM2PIXFILE);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1046:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (newpixname);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1056:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  plen = strlen (pixname) - 4;
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1058:12: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  (void)strncat (newpixname, &pixname[4], SZ_IM2PIXFILE - len);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1060:12: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  (void)strncat (newpixname, &pixname[4], plen);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1065:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (newpixname, hdrname, SZ_IM2PIXFILE);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1068:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (newpixname);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1085:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  (void)strncpy (newpixname, hdrname, SZ_IM2PIXFILE);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1086:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (newpixname);
data/montage-6.0+dfsg/lib/src/montage_wcs/imhfile.c:1629:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nc = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:209:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (matchcat) > 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:433:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (numstr, gobj1[ig], 32);
data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:589:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (imcatname) == 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:713:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (imcatname) == 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:741:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (imcatname) == 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/imsetwcs.c:760:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (imcatname) == 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/imutil.c:2566:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  nbhead = strlen (header);
data/montage-6.0+dfsg/lib/src/montage_wcs/imutil.c:2641:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (filename) < 40)
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar.c:791:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lastchar = nextline + strlen(nextline) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/matchstar1.c:679:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lastchar = nextline + strlen(nextline) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:175:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tabtable->tabdata == NULL || strlen (tabtable->tabdata) == 0 ||
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:232:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (databuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:238:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (databuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:245:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (databuff) + strlen (colhead) + strlen (colsep);
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:245:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (databuff) + strlen (colhead) + strlen (colsep);
data/montage-6.0+dfsg/lib/src/montage_wcs/sdssread.c:245:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (databuff) + strlen (colhead) + strlen (colsep);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:250:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tabtable->tabdata == NULL || strlen (tabtable->tabdata) == 0 ||
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:330:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (skybuff) + strlen (tabhead) + 200;
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:330:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (skybuff) + strlen (tabhead) + 200;
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:339:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  colhead = tabbuff + strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:343:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (colhead,"\t");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:347:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (colhead,"\t");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:351:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (colhead,"\t");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:354:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (colhead,"\t");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:357:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant character.
  strcat (colhead,"\t");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:360:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (colhead,"\t");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:363:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (colhead,"\t");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:366:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (colhead,"\t");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:369:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (colhead,"\t");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:372:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (colhead,"\t");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:375:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (colhead,"\n");
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:376:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lhead = strlen (colhead);
data/montage-6.0+dfsg/lib/src/montage_wcs/skybotread.c:396:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tbuff = tabbuff + strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/str2ang.c:62:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/str2ang.c:86:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (value) > 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:329:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:362:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:396:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:699:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (star->objname);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1180:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lval = strlen (value);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1235:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (tabname) < 24)
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1238:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isfil, tabname, 23);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1247:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyid, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1251:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyid, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1255:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyid, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1259:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyid, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1263:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyid, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1267:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyid, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1295:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyra, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1305:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyra, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1311:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyra, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1315:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keyra, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1329:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keydec, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1339:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keydec, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1349:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keydec, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1353:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keydec, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1367:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (keyword, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1369:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (keyword, startab->colname[i], 15);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1435:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (cstr) > 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1469:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (cstr) > 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1567:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->keytype, startab->colname[i], startab->lcol[i]);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1661:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sc->nnfld = strlen (cstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1672:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lnum = strlen (cstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1686:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sc->stnum = -strlen (cstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1757:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcn = strlen (cn);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1761:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcn = strlen (cn);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1780:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sc->nnfld = strlen (cn);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1789:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lnum = strlen (cnum);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1824:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ltok = strlen (str);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1984:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:1993:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2007:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2021:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (tabfile) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2023:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2035:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2089:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (tabtable->tabname, thisname, nchar);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2093:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (tabname);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2127:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  taberr = (char *) calloc (64 + strlen (tabfile), 1);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2183:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lline = strlen (tabtable->tabline);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2254:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lline = strlen (tabtable->tabline);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2267:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lline = strlen (tabtable->tabline);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2377:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (str, "0");
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2480:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2516:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (result, str0, ncstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2613:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabread.c:2637:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lkey = strlen (keyword);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabsort.c:60:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (line, line1, nchar);
data/montage-6.0+dfsg/lib/src/montage_wcs/tabsort.c:74:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (buffer) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1093:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen (tmcpath) + 18;
data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1098:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen (tmcpath) + 18;
data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1175:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (zonefile) < 24)
data/montage-6.0+dfsg/lib/src/montage_wcs/tmcread.c:1178:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isfil, zonefile, 23);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:132:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (ty2cd, str, 64);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:693:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (ty2cd, str, 64);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:903:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen (str) + 16;
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:908:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen (ty2cd) + 16;
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:981:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tabpath = (char *) malloc (strlen (str) + 16);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:985:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tabpath = (char *) malloc (strlen (ty2cd) + 16);
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1195:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen(str) + 18;
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1200:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen(ty2cd) + 18;
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1241:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (ty2file) < 24)
data/montage-6.0+dfsg/lib/src/montage_wcs/ty2read.c:1244:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isfil, ty2file, 23);
data/montage-6.0+dfsg/lib/src/montage_wcs/uacread.c:1386:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (uapath) > 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1294:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen (ucacpath) + 16;
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1348:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (zonefile) < 24)
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1351:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isfil, zonefile, 23);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread.c:1725:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lineLen = strlen(inBuffer);
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1249:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lpath = strlen (ucacpath) + 16;
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1292:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (zonefile) < 24)
data/montage-6.0+dfsg/lib/src/montage_wcs/ucacread0.c:1295:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (sc->isfil, zonefile, 23);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:391:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (ctype1, "XLON",4);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:513:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (ctype2+1, "LAT",3);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:520:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (ctype2+1, "LAT",3);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1533:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcom = strlen (command);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1660:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (coorsys == NULL || strlen (coorsys) < 1 ||
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1669:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecout) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1672:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecout) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1675:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecout) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1686:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecout) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1689:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecout) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1692:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecout) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1769:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (coorsys == NULL || strlen (coorsys) < 1) {
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1777:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecin) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1780:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecin) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1783:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecin) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1794:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecin) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1797:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecin) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1800:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(wcs->radecin) - 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1937:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (wcstring,"********* **********",lstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1939:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (wcstring,"*******************",lstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1966:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (wcstring,"************* *************",lstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:1969:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (wcstring,"**************************",lstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2037:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (lstr > (int) strlen(wcs->radecout)+1 && wcs->printsys) {
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2039:7: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  Risk is low because the source is a constant character.
  strcat (wcstring," ");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2041:7: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (wcstring," ");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2050:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstring = strlen (rastr) + strlen (decstr) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2050:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstring = strlen (rastr) + strlen (decstr) + 1;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2051:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lunits = strlen (wcs->units[0]) + strlen (wcs->units[1]) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2051:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lunits = strlen (wcs->units[0]) + strlen (wcs->units[1]) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2054:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (wcs->units[0]) > 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2055:4: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (rastr, " ");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2058:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (wcs->units[1]) > 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2059:4: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (decstr, " ");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2073:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (wcstring,"********** *********",lstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2075:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (wcstring,"*******************",lstr);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2082:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (wcs->units[0]) > 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2083:7: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (wcstring, " ");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2086:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (wcs->units[1]) > 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2087:7: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (wcstring, " ");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2453:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  { if (strlen (filename) < 256)
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2456:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (wcsfile, filename, 255);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2468:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  { if (strlen (wcsfile) > 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2510:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcom = strlen (wcscom) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2688:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (newhead, *header, lhead);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2712:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120).
  Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat (kwdc, cwcs, 1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcs.c:2723:3: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat (kwdc, cwcs, 1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:117:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (upname) == 1)
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:151:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lstring = strlen (string);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:259:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wcs->wcsname = (char *) calloc (strlen (wcsname)+2, 1);
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:418:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (wcs->ctype[2], "");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:420:2: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (wcs->ctype[3], "");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcsinit.c:1307:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (wcs->radecsys) == 0 || wcs->prjcode == WCS_LIN)
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:438:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(wcs->pcode, "");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:439:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(requir, "");
data/montage-6.0+dfsg/lib/src/montage_wcs/wcslib.c:527:10: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(requir, "");
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:124:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lurl = strlen (caturl);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:248:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tabtable->tabdata == NULL || strlen (tabtable->tabdata) == 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:326:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lurl = strlen (caturl);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:337:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (numlist, ",");
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:379:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tabtable->tabdata == NULL || strlen (tabtable->tabdata) == 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:429:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lsrch = strlen (srchpar) + strlen (caturl) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:429:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lsrch = strlen (srchpar) + strlen (caturl) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:454:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:462:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:470:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:478:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:493:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:513:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (caturl) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:524:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (srchpar) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:635:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (server, servurl, lserver);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:700:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (server, servurl, lserver);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:771:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lline = strlen (linebuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:778:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (linebuff) <= 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:993:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:1025:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (line0) < 1) {
data/montage-6.0+dfsg/lib/src/montage_wcs/webread.c:1045:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *pstr = str, *buf = malloc(strlen(str) * 3 + 1), *pbuf = buf;
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:119:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lurl = strlen (caturl);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:243:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tabtable->tabdata == NULL || strlen (tabtable->tabdata) == 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:320:12: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lurl = strlen (caturl);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:331:3: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat (numlist, ",");
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:373:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (tabtable->tabdata == NULL || strlen (tabtable->tabdata) == 0) {
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:423:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lsrch = strlen (srchpar) + strlen (caturl) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:423:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lsrch = strlen (srchpar) + strlen (caturl) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:446:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:454:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:462:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:470:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:485:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:504:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (caturl) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:514:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lname = strlen (srchpar) + 2;
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:613:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (server, servurl, lserver);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:623:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcom = 32 + strlen (urlpath) + strlen (server);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:623:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcom = 32 + strlen (urlpath) + strlen (server);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:646:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (server, sokptr, j);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:660:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcom = 32 + strlen (urlpath) + strlen (server);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:660:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lcom = 32 + strlen (urlpath) + strlen (server);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:714:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lline = strlen (linebuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:721:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (linebuff) <= 0)
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:938:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lbuff = strlen (tabbuff);
data/montage-6.0+dfsg/lib/src/montage_wcs/webread0.c:970:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (line0) < 1) {
data/montage-6.0+dfsg/lib/src/montage_wcs/zpxpos.c:103:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  header1 = malloc (strlen(header)+200);
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:107:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(tbl_rec_string, "");
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:108:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(tbl_hdr_string, "");
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:109:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(tbl_typ_string, "");
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:110:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(tbl_uni_string, "");
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:111:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(tbl_nul_string, "");
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:113:4: [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(dval, "");
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:186:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  reclen = (int)strlen(dval);
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:189:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(dval[strlen(dval) - 1] == '\n')
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:190:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dval[strlen(dval) - 1] = '\0';
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:192:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(dval[strlen(dval) - 1] == '\r')
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:193:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dval[strlen(dval) - 1] = '\0';
data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:196:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i=0; i<strlen(dval); ++i) data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:252:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(vptr)-1; i>=0; --i) data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:260:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(kptr) > 0) data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:290:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). headlen = (int)strlen(dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:365:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). reclen = (int)strlen(dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:370:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dval[strlen(dval) - 1] == '\n') data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:371:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dval[strlen(dval) - 1] = '\0'; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:373:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dval[strlen(dval) - 1] == '\r') data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:374:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
dval[strlen(dval) - 1] = '\0'; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:382:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). headlent = (int)strlen(dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:415:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dval[strlen(dval) - 1] == '\n') data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:416:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dval[strlen(dval) - 1] = '\0'; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:418:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dval[strlen(dval) - 1] == '\r') data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:419:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dval[strlen(dval) - 1] = '\0'; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:427:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). headlent = (int)strlen(dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:460:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dval[strlen(dval) - 1] == '\n') data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:461:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
dval[strlen(dval) - 1] = '\0'; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:463:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dval[strlen(dval) - 1] == '\r') data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:464:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dval[strlen(dval) - 1] = '\0'; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:472:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). headlent = (int)strlen(dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:517:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). reclen = (int)strlen(dval); data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:686:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dval[(int)strlen(dval)-1] == '\n') data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:687:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dval[(int)strlen(dval)-1] = '\0'; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:689:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dval[(int)strlen(dval)-1] == '\r') data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:690:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
dval[(int)strlen(dval)-1] = '\0'; data/montage-6.0+dfsg/lib/src/mtbl/mtbl.c:824:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<(int)strlen(str); ++i) data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:37:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, tbl_hdr_string + tbl_rec[i].endcol-tbl_rec[i].colwd+1, tbl_rec[i].colwd); data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:42:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(type, ""); data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:46:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp, tbl_typ_string + tbl_rec[i].endcol-tbl_rec[i].colwd+1, tbl_rec[i].colwd); data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:76:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while((*ptr == '|' || *ptr == ' ') && ptr < str+strlen(str)) data/montage-6.0+dfsg/lib/src/mtbl/test/nian2.c:81:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(outstr)-1; i>= 0; --i) data/montage-6.0+dfsg/lib/src/mtbl/test/test3.c:34:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(value, tbl_hdr_string + tbl_rec[i].endcol-tbl_rec[i].colwd+1, tbl_rec[i].colwd); data/montage-6.0+dfsg/lib/src/mtbl/test/test3.c:45:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(value, tbl_typ_string + tbl_rec[i].endcol-tbl_rec[i].colwd+1, tbl_rec[i].colwd); data/montage-6.0+dfsg/lib/src/mtbl/test/test3.c:65:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(value, tbl_rec_string + tbl_rec[i].endcol-tbl_rec[i].colwd+1, tbl_rec[i].colwd); data/montage-6.0+dfsg/lib/src/svc/structlib.c:67:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int)strlen(instr); data/montage-6.0+dfsg/lib/src/svc/structlib.c:95:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = p + strlen(p) - 1; data/montage-6.0+dfsg/lib/src/svc/structlib.c:123:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int)strlen(p); data/montage-6.0+dfsg/lib/src/svc/structlib.c:175:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sb = svc_stripblanks(sb, strlen(sb), 0); data/montage-6.0+dfsg/lib/src/svc/structlib.c:192:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
se = sb + strlen(sb); data/montage-6.0+dfsg/lib/src/svc/structlib.c:249:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key = svc_stripblanks(key, strlen(key), 1); data/montage-6.0+dfsg/lib/src/svc/structlib.c:252:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). val = svc_stripblanks(val, strlen(val), 1); data/montage-6.0+dfsg/lib/src/svc/structlib.c:266:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key = svc_stripblanks(key, strlen(key), 1); data/montage-6.0+dfsg/lib/src/svc/structlib.c:418:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(subkey); data/montage-6.0+dfsg/lib/src/svc/structlib.c:430:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(subkey[strlen(subkey) - 1] == ']') data/montage-6.0+dfsg/lib/src/svc/structlib.c:431:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). subkey[strlen(subkey) - 1] = '\0'; data/montage-6.0+dfsg/lib/src/svc/structlib.c:438:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(tail); data/montage-6.0+dfsg/lib/src/svc/svclib.c:259:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(svcstr)+1; data/montage-6.0+dfsg/lib/src/svc/svclib.c:444:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). svc_list[index]->svcname = (char *)malloc((strlen(name)+1) * sizeof(char)); data/montage-6.0+dfsg/lib/src/svc/svclib.c:445:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). svc_list[index]->sigfunc = (char *)malloc((strlen(sig) +1) * sizeof(char)); data/montage-6.0+dfsg/lib/src/svc/svclib.c:446:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). svc_list[index]->quitstr = (char *)malloc((strlen(quit)+1) * sizeof(char)); data/montage-6.0+dfsg/lib/src/svc/svclib.c:499:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (int)strlen(svc_list[index]->quitstr) > 0) data/montage-6.0+dfsg/lib/src/svc/svclib.c:571:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (int)strlen(svc_list[index]->quitstr) > 0) data/montage-6.0+dfsg/lib/src/svc/svclib.c:844:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
ch = fgetc(fp); data/montage-6.0+dfsg/lib/src/svc/svclib.c:950:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). svc_return_value = (char *)malloc((strlen(svc_return_string)+1) * sizeof(char)); data/montage-6.0+dfsg/lib/src/svc/svclib.c:996:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int)strlen (cmd); data/montage-6.0+dfsg/lib/src/svc/svclib.c:1090:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen = strlen(cmdv[i]); data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:22:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(structstr, ""); data/montage-6.0+dfsg/lib/src/svc/test/structtest.c:30:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(structstr, " "); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:59:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(CP_Keyvalue) == 8 ) data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:63:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(extension,CP_Keyvalue+9,4); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:192:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(CP_Keyvalue) == 8 ) data/montage-6.0+dfsg/lib/src/two_plane_v1.1/initdistdata.c:196:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(extension,CP_Keyvalue+8,4); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:187:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(mod_key); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:189:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mod_key," "); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:190:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mod_key,"="); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:202:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(char_value,temp,length); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:221:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
length = strlen(mod_key); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:223:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mod_key," "); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:224:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mod_key,"="); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:236:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(char_value,temp,length); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:256:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(mod_key); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:258:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mod_key," "); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:259:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(mod_key,"="); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:271:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(char_value,temp,length); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:292:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(mod_key); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:294:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mod_key," "); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:295:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mod_key,"="); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:306:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). total_length = strlen(char_value); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/redefine_pointing.c:307:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(temp,char_value,total_length); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:66:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(inheader, ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:73:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:74:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:76:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:77:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:91:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outheader, ""); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:98:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:99:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:101:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:102:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:119:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:120:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/lib/src/two_plane_v1.1/test/TwoPlaneTest.c:131:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/lib/src/www/www.c:359:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
total += strlen(line); data/montage-6.0+dfsg/lib/src/www/www.c:364:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strncmp(line+strlen(line)-2, "\r\n", 2) == 0) data/montage-6.0+dfsg/lib/src/www/www.c:367:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strncmp(line+strlen(line)-1, "\r", 1) == 0) data/montage-6.0+dfsg/lib/src/www/www.c:370:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strncmp(line+strlen(line)-1, "\n", 1) == 0) data/montage-6.0+dfsg/lib/src/www/www.c:374:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(endline, "-BAD(%d)-", *(line+strlen(line)-1)); data/montage-6.0+dfsg/lib/src/www/www.c:376:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(line); ++i) data/montage-6.0+dfsg/lib/src/www/www.c:424:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strncmp(line, boundary, strlen(boundary)) == 0) data/montage-6.0+dfsg/lib/src/www/www.c:473:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(line[strlen(line)-1] == '"') data/montage-6.0+dfsg/lib/src/www/www.c:474:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/lib/src/www/www.c:478:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entries[nentry].name = malloc(sizeof(char) * (strlen(line)+1)); data/montage-6.0+dfsg/lib/src/www/www.c:482:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (unsigned long)(strlen(line)+1), nentry, entries[nentry].name); data/montage-6.0+dfsg/lib/src/www/www.c:498:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nentry, entries[nentry].name, (unsigned long)(strlen(line + 1)+1)); data/montage-6.0+dfsg/lib/src/www/www.c:540:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). blenb = strlen(buffb); data/montage-6.0+dfsg/lib/src/www/www.c:541:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). blene = strlen(buffe); data/montage-6.0+dfsg/lib/src/www/www.c:545:24: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = fgetc(stdin); data/montage-6.0+dfsg/lib/src/www/www.c:746:19: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(entries[i].val, ""); data/montage-6.0+dfsg/lib/src/www/www.c:770:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entries[i].val = malloc((strlen(valbuf1)+1) * sizeof(char)); data/montage-6.0+dfsg/lib/src/www/www.c:888:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen (entries[i].val) > 10 data/montage-6.0+dfsg/lib/src/www/www.c:919:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strlen(entries[0].val) == 0 data/montage-6.0+dfsg/lib/src/www/www.c:920:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strlen(entries[0].name) <= 256) data/montage-6.0+dfsg/lib/src/www/www.c:927:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(val); data/montage-6.0+dfsg/lib/src/www/www.c:950:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(endptr < x+(int)strlen(x)) data/montage-6.0+dfsg/lib/src/www/www.c:954:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(endptr < y+(int)strlen(y)) data/montage-6.0+dfsg/lib/src/www/www.c:1173:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=strlen(keyword_stripped)-1; j>=0; --j) data/montage-6.0+dfsg/lib/src/www/www.c:1316:24: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). word[ll] = (char)fgetc(f); data/montage-6.0+dfsg/lib/src/www/www.c:1346:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). word = (char *) malloc(sizeof(char) * (strlen(line)+1)); data/montage-6.0+dfsg/lib/src/www/www.c:1436:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fname = p + strlen(p) - 1; data/montage-6.0+dfsg/lib/src/www/www.c:1451:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entries[nentry].val = malloc(sizeof(char) * (strlen(fname)+1)); data/montage-6.0+dfsg/lib/src/www/www.c:1455:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(entries[nentry].val); ++i) data/montage-6.0+dfsg/lib/src/www/www.c:1470:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nentry, entries[nentry].val, (unsigned long)(strlen(fname)+1)); data/montage-6.0+dfsg/lib/src/www/www.c:1484:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(entries[nentry].fname, "_"); data/montage-6.0+dfsg/lib/src/www/www.c:1486:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(entries[nentry].fname, "_"); data/montage-6.0+dfsg/lib/src/www/www.c:1547:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s); data/montage-6.0+dfsg/lib/src/www/www.c:1598:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s); data/montage-6.0+dfsg/lib/src/www/www.c:1600:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = (unsigned char *) malloc(3 * strlen(s) + 1); data/montage-6.0+dfsg/lib/src/www/www.c:1641:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s); data/montage-6.0+dfsg/lib/src/www/www.c:1643:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = (unsigned char *) malloc(strlen(s) + 1); data/montage-6.0+dfsg/lib/src/www/www.c:1665:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < index_str + strlen(index_str) data/montage-6.0+dfsg/lib/src/www/www.c:1693:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *in = (char *)malloc(strlen(out)+1); data/montage-6.0+dfsg/lib/src/www/www.c:1697:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(in)-1; i>=0; --i) data/montage-6.0+dfsg/lib/src/www/www.c:1707:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(in); ++j) data/montage-6.0+dfsg/lib/src/www/www.c:1784:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( (cookiestr != NULL) && (strlen(cookiestr) > 0) ) data/montage-6.0+dfsg/lib/src/www/www.c:1853:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( (title == NULL) || (strlen(title) == 0) ) data/montage-6.0+dfsg/lib/src/www/www.c:1854:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(mytitle, ""); data/montage-6.0+dfsg/lib/src/www/www.c:1859:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( (header == NULL) || (strlen(header) == 0) ) data/montage-6.0+dfsg/lib/src/www/www.c:1935:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( (footer == NULL) || (strlen(footer) == 0) ) data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:173:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = url+strlen(url)-1; data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:198:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(filebase); ++i) data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:204:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(urlbase); ++i) data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:328:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(unzip && strlen(file) > 3 && strcmp(file+strlen(file)-3, ".gz") == 0) data/montage-6.0+dfsg/util/Archive/ArchiveExec/mArchiveExec.c:328:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(unzip && strlen(file) > 3 && strcmp(file+strlen(file)-3, ".gz") == 0) data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:78:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(archive_msg, ""); data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:148:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fileName) > 4 && strcmp(fileName+strlen(fileName)-4, ".bz2") == 0) data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:148:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fileName) > 4 && strcmp(fileName+strlen(fileName)-4, ".bz2") == 0) data/montage-6.0+dfsg/util/Archive/ArchiveGet/mArchiveGet.c:152:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(fileName+strlen(fileName)-4) = '\0'; data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:163:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:185:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:186:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:267:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if ((rc == read (fd, &c, 1)) != 1) data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:304:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s); data/montage-6.0+dfsg/util/Archive/ArchiveList/mArchiveList.c:306:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = (unsigned char *) malloc(3 * strlen(s) + 1); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:414:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:737:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:738:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/util/BestImage/mBestImage.c:749:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/util/Calibrate/mCalExec.c:82:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(path, ""); data/montage-6.0+dfsg/util/CatMap/mCatMap.c:152:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(colname, ""); data/montage-6.0+dfsg/util/CatMap/mCatMap.c:272:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(colname) == 0) data/montage-6.0+dfsg/util/CatMap/mCatMap.c:774:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/util/CatMap/mCatMap.c:775:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/util/CatMap/mCatMap.c:783:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(line); i<80; ++i) data/montage-6.0+dfsg/util/CatMap/mCatMap.c:896:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:197:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(socket, request, strlen(request), 0); data/montage-6.0+dfsg/util/CatSearch/mCatSearch.c:290:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if ((rc == read (fd, &c, 1)) != 1) data/montage-6.0+dfsg/util/Examine/mExamine.c:357:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(proj, ""); data/montage-6.0+dfsg/util/Examine/mExamine.c:359:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ctype1) > 5) data/montage-6.0+dfsg/util/Examine/mExamine.c:1085:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(file); data/montage-6.0+dfsg/util/Exec/mExec.c:354:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(workspace[iband], ""); data/montage-6.0+dfsg/util/Exec/mExec.c:356:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(savefile, ""); data/montage-6.0+dfsg/util/Exec/mExec.c:357:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmpfile, ""); data/montage-6.0+dfsg/util/Exec/mExec.c:358:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(hdrfile, ""); data/montage-6.0+dfsg/util/Exec/mExec.c:359:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(hdrtext, ""); data/montage-6.0+dfsg/util/Exec/mExec.c:360:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(debugFile, ""); data/montage-6.0+dfsg/util/Exec/mExec.c:361:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(labelText, ""); data/montage-6.0+dfsg/util/Exec/mExec.c:362:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(locText, ""); data/montage-6.0+dfsg/util/Exec/mExec.c:384:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(pngFile, ""); data/montage-6.0+dfsg/util/Exec/mExec.c:491:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(temp[strlen(temp)-1] != '/') data/montage-6.0+dfsg/util/Exec/mExec.c:492:19: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(temp, "/"); data/montage-6.0+dfsg/util/Exec/mExec.c:494:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(rawdir) == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:495:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). temp[strlen(temp)-1] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:502:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(rawdir[strlen(rawdir) - 1] == '/') data/montage-6.0+dfsg/util/Exec/mExec.c:503:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rawdir[strlen(rawdir) - 1] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:537:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tmpfile) > 0) data/montage-6.0+dfsg/util/Exec/mExec.c:540:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(savefile) > 5 && strcasecmp(savefile+strlen(savefile)-5, ".fits") == 0) *(savefile+strlen(savefile)-5) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:540:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(savefile) > 5 && strcasecmp(savefile+strlen(savefile)-5, ".fits") == 0) *(savefile+strlen(savefile)-5) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:540:97: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(savefile) > 5 && strcasecmp(savefile+strlen(savefile)-5, ".fits") == 0) *(savefile+strlen(savefile)-5) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:541:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(savefile) > 4 && strcasecmp(savefile+strlen(savefile)-4, ".fit" ) == 0) *(savefile+strlen(savefile)-4) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:541:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(savefile) > 4 && strcasecmp(savefile+strlen(savefile)-4, ".fit" ) == 0) *(savefile+strlen(savefile)-4) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:541:97: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(savefile) > 4 && strcasecmp(savefile+strlen(savefile)-4, ".fit" ) == 0) *(savefile+strlen(savefile)-4) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:542:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(savefile) > 4 && strcasecmp(savefile+strlen(savefile)-4, ".fit" ) == 0) *(savefile+strlen(savefile)-4) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:542:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(savefile) > 4 && strcasecmp(savefile+strlen(savefile)-4, ".fit" ) == 0) *(savefile+strlen(savefile)-4) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:542:97: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(savefile) > 4 && strcasecmp(savefile+strlen(savefile)-4, ".fit" ) == 0) *(savefile+strlen(savefile)-4) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:543:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(savefile) > 5 && strcasecmp(savefile+strlen(savefile)-5, ".fts" ) == 0) *(savefile+strlen(savefile)-5) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:543:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(savefile) > 5 && strcasecmp(savefile+strlen(savefile)-5, ".fts" ) == 0) *(savefile+strlen(savefile)-5) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:543:97: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(savefile) > 5 && strcasecmp(savefile+strlen(savefile)-5, ".fts" ) == 0) *(savefile+strlen(savefile)-5) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:553:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(savefile, ""); data/montage-6.0+dfsg/util/Exec/mExec.c:605:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(workspace[0]) == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:627:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(temp[strlen(temp)-1] != '/') data/montage-6.0+dfsg/util/Exec/mExec.c:628:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(temp, "/"); data/montage-6.0+dfsg/util/Exec/mExec.c:630:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(workspace[iband]) == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:631:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). temp[strlen(temp)-1] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:643:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(debugFile) > 0) data/montage-6.0+dfsg/util/Exec/mExec.c:699:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(hdrfile) > 0) data/montage-6.0+dfsg/util/Exec/mExec.c:745:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(hdrtext) == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:763:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while(hdrtext[strlen(hdrtext)-1] == '\n' data/montage-6.0+dfsg/util/Exec/mExec.c:764:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || hdrtext[strlen(hdrtext)-1] == '\r') data/montage-6.0+dfsg/util/Exec/mExec.c:765:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hdrtext[strlen(hdrtext)-1] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:769:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for(j=0; j<=strlen(hdrtext); ++j) data/montage-6.0+dfsg/util/Exec/mExec.c:775:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(outstr) > 0) data/montage-6.0+dfsg/util/Exec/mExec.c:819:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fprintf(fdebug, "hdrtext = %lu characters\n", strlen(hdrtext)); data/montage-6.0+dfsg/util/Exec/mExec.c:913:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(temp[strlen(temp)-1] == '\n') data/montage-6.0+dfsg/util/Exec/mExec.c:914:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). temp[strlen(temp)-1] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:1641:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(infile) > 4 && strcmp(infile+strlen(infile)-4, ".bz2") == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1641:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(infile) > 4 && strcmp(infile+strlen(infile)-4, ".bz2") == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1642:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
*(infile+strlen(infile)-4) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:1646:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(outfile) > 3 && strcmp(outfile+strlen(outfile)-3, ".gz") == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1646:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(outfile) > 3 && strcmp(outfile+strlen(outfile)-3, ".gz") == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1647:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(outfile+strlen(outfile)-3) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:1649:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(outfile) > 4 && strcmp(outfile+strlen(outfile)-4, ".fit") == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1649:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(outfile) > 4 && strcmp(outfile+strlen(outfile)-4, ".fit") == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1650:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(outfile, "s"); data/montage-6.0+dfsg/util/Exec/mExec.c:1653:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(outfile) > 5 && data/montage-6.0+dfsg/util/Exec/mExec.c:1654:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(outfile+strlen(outfile)-5, ".FITS", 5) == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1655:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outfile[strlen(outfile)-5] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:1657:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(outfile) > 5 && data/montage-6.0+dfsg/util/Exec/mExec.c:1658:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(outfile+strlen(outfile)-5, ".fits", 5) == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1659:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outfile[strlen(outfile)-5] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:1661:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(outfile) > 4 && data/montage-6.0+dfsg/util/Exec/mExec.c:1662:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncmp(outfile+strlen(outfile)-4, ".FIT", 4) == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1663:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outfile[strlen(outfile)-4] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:1665:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(outfile) > 4 && data/montage-6.0+dfsg/util/Exec/mExec.c:1666:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(outfile+strlen(outfile)-4, ".fit", 4) == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1667:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). outfile[strlen(outfile)-4] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:1852:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(msg) > 30) data/montage-6.0+dfsg/util/Exec/mExec.c:1873:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(goodFile) > 3 && strcmp(goodFile+strlen(goodFile)-3, ".gz") == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1873:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(goodFile) > 3 && strcmp(goodFile+strlen(goodFile)-3, ".gz") == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:1874:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(goodFile+strlen(goodFile)-3) = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:2218:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). areafile[strlen(areafile) - 5] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:2473:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). areafile[strlen(areafile) - 5] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:2487:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). areafile[strlen(areafile) - 5] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:2746:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(savefile) > 0) data/montage-6.0+dfsg/util/Exec/mExec.c:2833:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). areafile[strlen(areafile) - 5] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:2893:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
areafile[strlen(areafile) - 5] = '\0'; data/montage-6.0+dfsg/util/Exec/mExec.c:3036:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(labelText) == 0) data/montage-6.0+dfsg/util/Exec/mExec.c:3039:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(locText, ""); data/montage-6.0+dfsg/util/Exec/mExec.c:3063:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(locText) > 0) data/montage-6.0+dfsg/util/Exec/mExec.c:3129:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(contactText) > 0) data/montage-6.0+dfsg/util/Exec/mExec.c:3153:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(pngFile) > 0) data/montage-6.0+dfsg/util/Exec/mExec.c:3331:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/util/Exec/mExec.c:3332:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int clen = strlen(card); data/montage-6.0+dfsg/util/Exec/mExec.c:3343:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:145:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:157:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < optarg + strlen(optarg)) data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:215:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[offset] + strlen(argv[offset])) data/montage-6.0+dfsg/util/FixNaN/mFixNaN.c:235:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[offset+1] + strlen(argv[offset+1])) data/montage-6.0+dfsg/util/Hdr/mHdr.c:79:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(heightstr, ""); data/montage-6.0+dfsg/util/Hdr/mHdr.c:80:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(sysstr, ""); data/montage-6.0+dfsg/util/Hdr/mHdr.c:81:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(equistr, ""); data/montage-6.0+dfsg/util/Hdr/mHdr.c:82:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(resstr, ""); data/montage-6.0+dfsg/util/Hdr/mHdr.c:83:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(rotstr, ""); data/montage-6.0+dfsg/util/Hdr/mHdr.c:85:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(band2MASS, ""); data/montage-6.0+dfsg/util/Hdr/mHdr.c:114:33: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if(bandStr[0] == 'j') strcpy(band2MASS, "j"); data/montage-6.0+dfsg/util/Hdr/mHdr.c:115:33: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
else if(bandStr[0] == 'h') strcpy(band2MASS, "h"); data/montage-6.0+dfsg/util/Hdr/mHdr.c:116:33: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else if(bandStr[0] == 'k') strcpy(band2MASS, "k"); data/montage-6.0+dfsg/util/Hdr/mHdr.c:117:33: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else if(bandStr[0] == 'J') strcpy(band2MASS, "j"); data/montage-6.0+dfsg/util/Hdr/mHdr.c:118:33: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else if(bandStr[0] == 'H') strcpy(band2MASS, "h"); data/montage-6.0+dfsg/util/Hdr/mHdr.c:119:33: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. else if(bandStr[0] == 'K') strcpy(band2MASS, "k"); data/montage-6.0+dfsg/util/Hdr/mHdr.c:154:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(heightstr) > 0) data/montage-6.0+dfsg/util/Hdr/mHdr.c:160:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(sysstr) > 0) data/montage-6.0+dfsg/util/Hdr/mHdr.c:166:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(equistr) > 0) data/montage-6.0+dfsg/util/Hdr/mHdr.c:172:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(resstr) > 0) data/montage-6.0+dfsg/util/Hdr/mHdr.c:178:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(rotstr) > 0) data/montage-6.0+dfsg/util/Hdr/mHdr.c:184:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(band2MASS) > 0) data/montage-6.0+dfsg/util/Hdr/mHdr.c:235:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(sock, request, strlen(request), 0); data/montage-6.0+dfsg/util/Hdr/mHdr.c:257:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/util/Hdr/mHdr.c:258:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/util/Hdr/mHdr.c:339:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if ((rc == read (fd, &c, 1)) != 1) data/montage-6.0+dfsg/util/Hdr/mHdr.c:376:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s); data/montage-6.0+dfsg/util/Hdr/mHdr.c:378:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str = (unsigned char *) malloc(3 * strlen(s) + 1); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:294:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(statusfile, ""); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:295:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(grayfile, ""); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:296:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(redfile, ""); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:297:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(greenfile, ""); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:298:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(bluefile, ""); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:299:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(jpegfile, ""); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:370:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(sysstring); ++j) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:373:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(epochstring); ++j) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:540:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/util/JPEG/mJPEG.c:541:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/util/JPEG/mJPEG.c:542:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:573:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(graylogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:627:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/util/JPEG/mJPEG.c:628:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/util/JPEG/mJPEG.c:629:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:660:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(redlogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:714:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/util/JPEG/mJPEG.c:715:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/util/JPEG/mJPEG.c:716:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:748:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(greenlogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:804:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/util/JPEG/mJPEG.c:805:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/util/JPEG/mJPEG.c:806:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:835:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(bluelogpower < 0. || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:942:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(redfile) > 0 data/montage-6.0+dfsg/util/JPEG/mJPEG.c:943:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| strlen(greenfile) > 0 data/montage-6.0+dfsg/util/JPEG/mJPEG.c:944:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(bluefile) > 0) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:950:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(redfile) == 0) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:957:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(greenfile) == 0) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:964:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(bluefile) == 0) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:973:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:982:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(jpegfile) == 0) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:1010:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(redfile) == 0) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:1017:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(greenfile) == 0) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:1024:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(bluefile) == 0) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:1628:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (const JOCTET *)comment, strlen(comment)); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2086:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0) data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2373:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (const JOCTET *)comment, strlen(comment)); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2655:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hlen = strlen(header); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2656:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). clen = strlen(card); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2667:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:2745:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ptr = file + strlen(file) - 1; data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3595:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = ptr + strlen(header); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3597:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(comment, ""); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3658:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(comment, "\n"); data/montage-6.0+dfsg/util/JPEG/mJPEG.c:3660:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). count += strlen(line) + 1; data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:499:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ""); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:501:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(basefile, ""); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:681:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = line + strlen(line); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:794:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = infile + strlen(infile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:804:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(singleId) > 4 && strcmp(singleId+strlen(singleId)-4, ".tbl") == 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:804:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(singleId) > 4 && strcmp(singleId+strlen(singleId)-4, ".tbl") == 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:805:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). singleId[strlen(singleId)-4] = '\0'; data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:972:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:983:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(basefile) == 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1069:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1080:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) == 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1136:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = infile + strlen(infile); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1146:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(singleId) > 4 && strcmp(singleId+strlen(singleId)-4, ".tbl") == 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1146:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(singleId) > 4 && strcmp(singleId+strlen(singleId)-4, ".tbl") == 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1147:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). singleId[strlen(singleId)-4] = '\0'; data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1158:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(tblfile, ""); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1160:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(path) > 0 && set[iset].file[0] != '/') data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1164:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(tblfile[strlen(tblfile)-1] != '/') data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1165:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tblfile, "/"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1220:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1259:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) == 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1317:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tblfile, ""); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1319:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(path) > 0 && set[iset].file[0] != '/') data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1323:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(tblfile[strlen(tblfile)-1] != '/') data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1324:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tblfile, "/"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1568:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tval(icrval1)) == 0 data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1569:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(icrval2)) == 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1583:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(proj, ""); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1586:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ctype1) > 4) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1646:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tmpHeader, ""); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1709:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tval(ira1) ) == 0 data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1710:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec1)) == 0 data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1711:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(ira2) ) == 0 data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1712:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec2)) == 0 data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1713:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(ira3) ) == 0 data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1714:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec3)) == 0 data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1715:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| strlen(tval(ira4) ) == 0 data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1716:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec4)) == 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1735:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tval(ira) ) == 0 data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1736:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec)) == 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1990:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:1999:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2254:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2960:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ilen = strlen(singleId); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:2995:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_typ_string) != 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3088:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ilen = strlen(singleId); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3117:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_typ_string) != 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3243:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tblfile, ""); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3245:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(path) > 0 && set[subsetSetid].file[0] != '/') data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3249:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(tblfile[strlen(tblfile)-1] != '/') data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3250:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat(tblfile, "/"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3266:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_typ_string) != 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3272:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_uni_string) != 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3278:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_nul_string) != 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3346:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tblfile, ""); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3348:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(path) > 0 && set[i].file[0] != '/') data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3352:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(tblfile[strlen(tblfile)-1] != '/') data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3353:22: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tblfile, "/"); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3391:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(refBlank); ++j) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3424:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(tblBlank); ++j) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3582:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_typ_string) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3587:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3595:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_uni_string) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3600:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3608:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(tbl_nul_string) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3613:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3627:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_typ_string) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3632:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3640:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_uni_string) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3645:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3653:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_nul_string) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:3658:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:4409:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(reffd, (void *)refRec, (size_t)set[setid].reclen); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:4427:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). refRec[strlen(refRec)-1] = '\0'; data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:4431:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(out_string); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:4436:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out_string[strlen(tbl_hdr_string)] = '\0'; data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:4628:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:4629:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/util/MovingTarget/mMovingTarget.c:4640:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
return(strlen(header)); data/montage-6.0+dfsg/util/Pad/mPad.c:130:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end - argv[i+1] < strlen(argv[i+1])) data/montage-6.0+dfsg/util/Pad/mPad.c:157:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end - argv[i+1] < strlen(argv[i+1])) data/montage-6.0+dfsg/util/Pad/mPad.c:165:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end - argv[i+2] < strlen(argv[i+2])) data/montage-6.0+dfsg/util/Pad/mPad.c:173:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end - argv[i+3] < strlen(argv[i+3])) data/montage-6.0+dfsg/util/Pad/mPad.c:181:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end - argv[i+4] < strlen(argv[i+4])) data/montage-6.0+dfsg/util/Pad/mPad.c:202:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end - argv[i+1] < strlen(argv[i+1])) data/montage-6.0+dfsg/util/Pix2Coord/mFixHdr.c:71:15: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ch = fgetc(fin); data/montage-6.0+dfsg/util/Rotate/mRotate.c:177:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end - argv[i+1] < strlen(argv[i+1])) data/montage-6.0+dfsg/util/Rotate/mRotate.c:197:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end - argv[i+1] < strlen(argv[i+1])) data/montage-6.0+dfsg/util/Rotate/mRotate.c:245:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[3] + (int)strlen(argv[3])) data/montage-6.0+dfsg/util/Rotate/mRotate.c:254:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[4] + (int)strlen(argv[4])) data/montage-6.0+dfsg/util/Rotate/mRotate.c:264:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[5] + (int)strlen(argv[5])) data/montage-6.0+dfsg/util/Rotate/mRotate.c:275:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[6] + (int)strlen(argv[6])) data/montage-6.0+dfsg/util/Search/mSearch.c:452:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, ""); data/montage-6.0+dfsg/util/Search/mSearch.c:454:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(basefile, ""); data/montage-6.0+dfsg/util/Search/mSearch.c:593:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = line + strlen(line); data/montage-6.0+dfsg/util/Search/mSearch.c:796:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = infile + strlen(infile); data/montage-6.0+dfsg/util/Search/mSearch.c:806:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(singleId) > 4 && strcmp(singleId+strlen(singleId)-4, ".tbl") == 0) data/montage-6.0+dfsg/util/Search/mSearch.c:806:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(singleId) > 4 && strcmp(singleId+strlen(singleId)-4, ".tbl") == 0) data/montage-6.0+dfsg/util/Search/mSearch.c:807:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). singleId[strlen(singleId)-4] = '\0'; data/montage-6.0+dfsg/util/Search/mSearch.c:888:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:899:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(basefile) == 0) data/montage-6.0+dfsg/util/Search/mSearch.c:985:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:996:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) == 0) data/montage-6.0+dfsg/util/Search/mSearch.c:1052:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = infile + strlen(infile); data/montage-6.0+dfsg/util/Search/mSearch.c:1062:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(singleId) > 4 && strcmp(singleId+strlen(singleId)-4, ".tbl") == 0) data/montage-6.0+dfsg/util/Search/mSearch.c:1062:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(singleId) > 4 && strcmp(singleId+strlen(singleId)-4, ".tbl") == 0) data/montage-6.0+dfsg/util/Search/mSearch.c:1063:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). singleId[strlen(singleId)-4] = '\0'; data/montage-6.0+dfsg/util/Search/mSearch.c:1074:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(tblfile, ""); data/montage-6.0+dfsg/util/Search/mSearch.c:1076:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(path) > 0 && set[iset].file[0] != '/') data/montage-6.0+dfsg/util/Search/mSearch.c:1080:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(tblfile[strlen(tblfile)-1] != '/') data/montage-6.0+dfsg/util/Search/mSearch.c:1081:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tblfile, "/"); data/montage-6.0+dfsg/util/Search/mSearch.c:1138:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:1177:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) == 0) data/montage-6.0+dfsg/util/Search/mSearch.c:1235:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tblfile, ""); data/montage-6.0+dfsg/util/Search/mSearch.c:1237:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(path) > 0 && set[iset].file[0] != '/') data/montage-6.0+dfsg/util/Search/mSearch.c:1241:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(tblfile[strlen(tblfile)-1] != '/') data/montage-6.0+dfsg/util/Search/mSearch.c:1242:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tblfile, "/"); data/montage-6.0+dfsg/util/Search/mSearch.c:1414:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tval(icrval1)) == 0 data/montage-6.0+dfsg/util/Search/mSearch.c:1415:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(icrval2)) == 0) data/montage-6.0+dfsg/util/Search/mSearch.c:1429:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(proj, ""); data/montage-6.0+dfsg/util/Search/mSearch.c:1432:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(ctype1) > 4) data/montage-6.0+dfsg/util/Search/mSearch.c:1492:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(tmpHeader, ""); data/montage-6.0+dfsg/util/Search/mSearch.c:1555:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tval(ira1) ) == 0 data/montage-6.0+dfsg/util/Search/mSearch.c:1556:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec1)) == 0 data/montage-6.0+dfsg/util/Search/mSearch.c:1557:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(ira2) ) == 0 data/montage-6.0+dfsg/util/Search/mSearch.c:1558:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec2)) == 0 data/montage-6.0+dfsg/util/Search/mSearch.c:1559:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(ira3) ) == 0 data/montage-6.0+dfsg/util/Search/mSearch.c:1560:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec3)) == 0 data/montage-6.0+dfsg/util/Search/mSearch.c:1561:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(ira4) ) == 0 data/montage-6.0+dfsg/util/Search/mSearch.c:1562:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| strlen(tval(idec4)) == 0) data/montage-6.0+dfsg/util/Search/mSearch.c:1581:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tval(ira) ) == 0 data/montage-6.0+dfsg/util/Search/mSearch.c:1582:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(tval(idec)) == 0) data/montage-6.0+dfsg/util/Search/mSearch.c:1832:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:1841:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:2098:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(basefile) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:2694:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ilen = strlen(singleId); data/montage-6.0+dfsg/util/Search/mSearch.c:2731:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_typ_string) != 0) data/montage-6.0+dfsg/util/Search/mSearch.c:2824:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ilen = strlen(singleId); data/montage-6.0+dfsg/util/Search/mSearch.c:2855:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_typ_string) != 0) data/montage-6.0+dfsg/util/Search/mSearch.c:2981:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tblfile, ""); data/montage-6.0+dfsg/util/Search/mSearch.c:2983:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(path) > 0 && set[subsetSetid].file[0] != '/') data/montage-6.0+dfsg/util/Search/mSearch.c:2987:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(tblfile[strlen(tblfile)-1] != '/') data/montage-6.0+dfsg/util/Search/mSearch.c:2988:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tblfile, "/"); data/montage-6.0+dfsg/util/Search/mSearch.c:3006:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_typ_string) != 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3012:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(tbl_uni_string) != 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3018:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_nul_string) != 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3087:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tblfile, ""); data/montage-6.0+dfsg/util/Search/mSearch.c:3089:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(path) > 0 && set[i].file[0] != '/') data/montage-6.0+dfsg/util/Search/mSearch.c:3093:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(tblfile[strlen(tblfile)-1] != '/') data/montage-6.0+dfsg/util/Search/mSearch.c:3094:22: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(tblfile, "/"); data/montage-6.0+dfsg/util/Search/mSearch.c:3134:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(refBlank); ++j) data/montage-6.0+dfsg/util/Search/mSearch.c:3169:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for(j=0; j<strlen(tblBlank); ++j) data/montage-6.0+dfsg/util/Search/mSearch.c:3271:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_typ_string) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3276:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3284:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_uni_string) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3289:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3297:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_nul_string) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3302:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3316:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_typ_string) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3321:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3329:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_uni_string) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3334:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3342:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tbl_nul_string) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:3347:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(refTypes) > 0) data/montage-6.0+dfsg/util/Search/mSearch.c:4046:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(reffd, (void *)refRec, (size_t)set[setid].reclen); data/montage-6.0+dfsg/util/Search/mSearch.c:4053:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). refOffset, tbl_hdr_string, (int)strlen(tbl_hdr_string), refRec); data/montage-6.0+dfsg/util/Search/mSearch.c:4064:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). refRec[strlen(refRec)-1] = '\0'; data/montage-6.0+dfsg/util/Search/mSearch.c:4068:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(out_string); data/montage-6.0+dfsg/util/Search/mSearch.c:4073:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). out_string[strlen(tbl_hdr_string)] = '\0'; data/montage-6.0+dfsg/util/Search/mSearch.c:4312:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int hlen = strlen(header); data/montage-6.0+dfsg/util/Search/mSearch.c:4313:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int clen = strlen(card); data/montage-6.0+dfsg/util/Search/mSearch.c:4324:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:212:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(header, ""); data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:219:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:220:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:222:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\r') data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:223:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:266:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hlen = strlen(header); data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:267:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). clen = strlen(card); data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:278:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:293:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(header); data/montage-6.0+dfsg/util/ShrinkHdr/mShrinkHdr.c:322:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(line) > 0) data/montage-6.0+dfsg/util/TblExec/mTblExec.c:95:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(tblfile, ""); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:96:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(workspace, ""); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:97:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(outfile, ""); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:142:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(workspace) == 0) data/montage-6.0+dfsg/util/TblExec/mTblExec.c:152:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(temp[strlen(temp)-1] != '/') data/montage-6.0+dfsg/util/TblExec/mTblExec.c:153:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(temp, "/"); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:155:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(workspace) == 0) data/montage-6.0+dfsg/util/TblExec/mTblExec.c:156:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). temp[strlen(temp)-1] = '\0'; data/montage-6.0+dfsg/util/TblExec/mTblExec.c:173:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(outfile) > 0) data/montage-6.0+dfsg/util/TblExec/mTblExec.c:247:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(namestr, ""); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:256:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(rastr) == 0) data/montage-6.0+dfsg/util/TblExec/mTblExec.c:267:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(decstr) == 0) data/montage-6.0+dfsg/util/TblExec/mTblExec.c:281:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(locstr) == 0) data/montage-6.0+dfsg/util/TblExec/mTblExec.c:297:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(namestr) == 0) data/montage-6.0+dfsg/util/TblExec/mTblExec.c:302:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(directory[strlen(directory)-1] != '/') data/montage-6.0+dfsg/util/TblExec/mTblExec.c:303:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(directory, "/"); data/montage-6.0+dfsg/util/TblExec/mTblExec.c:307:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(dirstr); ++i) data/montage-6.0+dfsg/util/Transpose/mTranspose.c:123:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(statfile, ""); data/montage-6.0+dfsg/util/Transpose/mTranspose.c:151:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end - argv[i+1] < strlen(argv[i+1])) data/montage-6.0+dfsg/util/Transpose/mTranspose.c:265:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(statfile) > 0) data/montage-6.0+dfsg/util/Transpose/mTranspose.c:279:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < argv[3] + (int)strlen(argv[3])) data/montage-6.0+dfsg/util/Transpose/mTranspose.c:295:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[4] + (int)strlen(argv[4])) data/montage-6.0+dfsg/util/Transpose/mTranspose.c:311:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[5] + (int)strlen(argv[5])) data/montage-6.0+dfsg/util/Transpose/mTranspose.c:327:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < argv[6] + (int)strlen(argv[6])) data/montage-6.0+dfsg/util/Transpose/mTranspose.c:601:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(newcard) > 0) data/montage-6.0+dfsg/util/Transpose/mTranspose.c:834:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(retstr, ""); data/montage-6.0+dfsg/util/Transpose/mTranspose.c:860:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(keyname) != strlen(wcskey)) data/montage-6.0+dfsg/util/Transpose/mTranspose.c:860:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(keyname) != strlen(wcskey)) data/montage-6.0+dfsg/util/Transpose/mTranspose.c:865:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(keyname); ++j) data/montage-6.0+dfsg/util/Viewer/grid.c:911:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(label, ""); data/montage-6.0+dfsg/util/Viewer/grid.c:948:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = sstr + strlen(sstr) - 1; data/montage-6.0+dfsg/util/Viewer/grid.c:971:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(label, "-"); data/montage-6.0+dfsg/util/Viewer/grid.c:973:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(label, "+"); data/montage-6.0+dfsg/util/Viewer/grid.c:976:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(label, "d"); data/montage-6.0+dfsg/util/Viewer/grid.c:978:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(mstr) > 0) data/montage-6.0+dfsg/util/Viewer/grid.c:980:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(label, " "); data/montage-6.0+dfsg/util/Viewer/grid.c:982:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(label, "m"); data/montage-6.0+dfsg/util/Viewer/grid.c:984:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(sstr) > 0) data/montage-6.0+dfsg/util/Viewer/grid.c:988:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(sstr) > 0) data/montage-6.0+dfsg/util/Viewer/grid.c:990:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(label, " "); data/montage-6.0+dfsg/util/Viewer/grid.c:992:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat(label, "s"); data/montage-6.0+dfsg/util/Viewer/grid.c:1018:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(label, ""); data/montage-6.0+dfsg/util/Viewer/grid.c:1051:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = sstr + strlen(sstr) - 1; data/montage-6.0+dfsg/util/Viewer/grid.c:1076:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(label, "h"); data/montage-6.0+dfsg/util/Viewer/grid.c:1078:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(label, "d"); data/montage-6.0+dfsg/util/Viewer/grid.c:1080:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(mstr) > 0) data/montage-6.0+dfsg/util/Viewer/grid.c:1082:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(label, " "); data/montage-6.0+dfsg/util/Viewer/grid.c:1084:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(label, "m"); data/montage-6.0+dfsg/util/Viewer/grid.c:1086:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(sstr) > 0) data/montage-6.0+dfsg/util/Viewer/grid.c:1090:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(sstr) > 0) data/montage-6.0+dfsg/util/Viewer/grid.c:1092:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(label, " "); data/montage-6.0+dfsg/util/Viewer/grid.c:1094:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(label, "s"); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:158:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(grayfile, ""); data/montage-6.0+dfsg/util/Viewer/mHistogram.c:207:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/util/Viewer/mHistogram.c:208:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/util/Viewer/mHistogram.c:209:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/util/Viewer/mHistogram.c:240:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(graylogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/util/Viewer/mHistogram.c:294:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0) data/montage-6.0+dfsg/util/Viewer/mHistogram.c:302:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(histfile) == 0) data/montage-6.0+dfsg/util/Viewer/mHistogram.c:323:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(grayfile) == 0) data/montage-6.0+dfsg/util/Viewer/mHistogram.c:436:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(file); data/montage-6.0+dfsg/util/Viewer/mViewer.c:621:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(fontfile[strlen(fontfile)-1] != '/') data/montage-6.0+dfsg/util/Viewer/mViewer.c:622:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(fontfile, "/"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:645:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(symSizeColumn, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:646:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(symShapeColumn, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:647:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(scaleColumn, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:648:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(labelColumn, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:649:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(colorColumn, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:661:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(statusfile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:662:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(grayfile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:663:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(redfile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:664:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(greenfile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:665:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy(bluefile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:666:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(jpegfile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:667:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(pngfile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:668:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(grayhistfile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:669:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(redhistfile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:670:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(greenhistfile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:671:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(bluehistfile, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:709:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(fontScale <= 0. || end < argv[i+1]+strlen(argv[i+1])) data/montage-6.0+dfsg/util/Viewer/mViewer.c:732:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(truecolor < 1. || truecolor > 4. || end < argv[i+1]+strlen(argv[i+1])) data/montage-6.0+dfsg/util/Viewer/mViewer.c:747:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(colorColumn, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:924:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = argv[i+1] + strlen(argv[i+1]) - 1; data/montage-6.0+dfsg/util/Viewer/mViewer.c:946:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (argv[i+1] + (int)strlen(argv[i+1]))) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1039:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (argv[i+1] + (int)strlen(argv[i+1]))) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1064:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < (argv[i+1] + (int)strlen(argv[i+1])) || symNPnt < 3) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1077:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (argv[i+1] + (int)strlen(argv[i+1]))) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1321:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cat[ncat].scaleColumn , ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1340:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cat[ncat].labelColumn, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1341:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cat[ncat].symSizeColumn, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1342:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cat[ncat].symShapeColumn, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:1363:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(colortable < 0 || colortable > 11 || end < argv[i+1]+strlen(argv[i+1])) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1451:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/util/Viewer/mViewer.c:1452:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/util/Viewer/mViewer.c:1453:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1493:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(graylogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1576:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/util/Viewer/mViewer.c:1577:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/util/Viewer/mViewer.c:1578:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1618:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(redlogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1700:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/util/Viewer/mViewer.c:1701:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/util/Viewer/mViewer.c:1702:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1742:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(greenlogpower < 0 || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1824:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(argv[i+4]) > 1 data/montage-6.0+dfsg/util/Viewer/mViewer.c:1825:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
&& ( argv[i+4][strlen(argv[i+4])-1] == 'g' data/montage-6.0+dfsg/util/Viewer/mViewer.c:1826:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || argv[i+4][strlen(argv[i+4])-1] == 'l')) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1866:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(bluelogpower < 0. || end < argv[i+4] + strlen(argv[i+4])) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1962:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0 && strlen(greenfile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:1962:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0 && strlen(greenfile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2085:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(redfile) > 0 data/montage-6.0+dfsg/util/Viewer/mViewer.c:2086:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strlen(greenfile) > 0 data/montage-6.0+dfsg/util/Viewer/mViewer.c:2087:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
|| strlen(bluefile) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2093:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(redfile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2100:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(greenfile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2107:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(bluefile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2116:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2125:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(pngfile) == 0 data/montage-6.0+dfsg/util/Viewer/mViewer.c:2126:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && strlen(jpegfile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2160:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(redfile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2167:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(greenfile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2174:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(bluefile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2436:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(bunit, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:2640:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(redhistfile) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2676:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(greenhistfile) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2712:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(bluehistfile) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:2823:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (const JOCTET *)comment, strlen(comment)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:3301:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayfile) == 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:3318:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(bunit, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:3510:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(grayhistfile) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:3620:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (const JOCTET *)comment, strlen(comment)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:3872:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cat[i].scaleColumn) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:3888:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cat[i].colorColumn) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:3904:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cat[i].symSizeColumn) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:3920:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cat[i].symShapeColumn) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:3936:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(cat[i].labelColumn) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:4005:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = symbolstr + strlen(symbolstr) - 1; data/montage-6.0+dfsg/util/Viewer/mViewer.c:4029:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (symbolstr + (int)strlen(symbolstr)) || symSize <= 0.) data/montage-6.0+dfsg/util/Viewer/mViewer.c:4138:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(labelstr) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:4176:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(cat[i].colorColumn) > 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:4310:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(im_header, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4640:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (cmdv[i] + (int)strlen(cmdv[i]))) data/montage-6.0+dfsg/util/Viewer/mViewer.c:4661:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(end < (cmdv[i] + (int)strlen(cmdv[i])) || *symNPnt < 3) data/montage-6.0+dfsg/util/Viewer/mViewer.c:4670:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(end < (cmdv[i] + (int)strlen(cmdv[i]))) data/montage-6.0+dfsg/util/Viewer/mViewer.c:4700:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(colorstr) == 6 && hexVal(colorstr[0]) >= 0) data/montage-6.0+dfsg/util/Viewer/mViewer.c:4702:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(colorstr); ++j) data/montage-6.0+dfsg/util/Viewer/mViewer.c:4861:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hlen = strlen(header); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4862:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). clen = strlen(card); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4873:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return(strlen(header)); data/montage-6.0+dfsg/util/Viewer/mViewer.c:4916:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(file); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5833:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). end = ptr + strlen(header); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5835:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(comment, ""); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5896:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(comment, "\n"); data/montage-6.0+dfsg/util/Viewer/mViewer.c:5898:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). count += strlen(line) + 1; data/montage-6.0+dfsg/util/Viewer/mViewer.c:5991:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(comment, ""); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:102:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(tmpname); ++i) data/montage-6.0+dfsg/web/mTAP/tapColumns.c:119:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(catname) == 0) data/montage-6.0+dfsg/web/mTAP/tapColumns.c:137:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(xmlfile, "/"); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:222:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=0; j<strlen(tmpname); ++j) data/montage-6.0+dfsg/web/mTAP/tapColumns.c:255:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(name, ""); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:256:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(description, ""); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:257:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(unit, ""); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:258:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(utype, ""); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:259:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(ucd, ""); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:260:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(dataType, ""); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:261:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(indexed, ""); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:262:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(primary, ""); data/montage-6.0+dfsg/web/mTAP/tapColumns.c:306:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(flagval, ""); data/montage-6.0+dfsg/web/mTAP/tapStatus.c:129:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(status, ""); data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:52:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(line[strlen(line)-1] == '\n') data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:53:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line)-1] = '\0'; data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:56:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(adql, " "); data/montage-6.0+dfsg/web/mTAP/tapSubmit.c:104:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(locationStr) == 0) data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:51:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (filePath[strlen(directory)-1] != '/') data/montage-6.0+dfsg/web/mViewer/checkFileExist.c:52:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(filePath, "/"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:523:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen (param->greenFile) > 0) { data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:587:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen (param->blueFile) > 0) { data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:783:6: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf (str, "\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:819:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (layercolor, ""); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:820:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (hexcolor, ""); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:867:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(layercolor) == 0) { data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:950:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(layercolor) == 0) { data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1061:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(datacol) > 0) { data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1166:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(layercolor) == 0) { data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1213:5: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf (str, "\n"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1218:5: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf (str, "}"); data/montage-6.0+dfsg/web/mViewer/constructRetjson.c:1224:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (int)strlen(retstr)); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:99:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->workspace) == 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:127:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->jsonStr) == 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:142:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for(i=0; i<strlen(param->jsonStr); ++i) data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:170:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:185:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:199:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:209:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->canvasWidthStr, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:210:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->canvasHeightStr, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:220:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:238:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:257:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:276:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:302:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:314:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:339:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:358:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:378:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:393:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:402:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:415:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:437:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:450:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:468:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:487:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:506:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:539:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:556:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->imcsys, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:560:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:572:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->objname, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:576:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:588:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant character. strcpy (param->filter, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:592:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:604:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->pixscale, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:608:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:632:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:651:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:670:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:689:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:730:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->sexrapick, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:731:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->sexdecpick, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:737:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:755:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:773:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:791:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:809:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:824:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:839:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:858:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:901:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:910:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:919:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:928:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:942:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:956:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:970:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:984:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1012:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->bunit, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1013:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->imdatadir, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1063:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1087:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1100:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1113:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1128:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1138:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1148:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1158:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1167:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1177:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1186:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1196:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1205:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1216:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1225:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1236:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1246:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1256:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1269:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1306:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1316:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1325:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1335:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1345:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1356:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1375:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1388:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1402:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1431:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1440:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1450:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1460:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1469:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1478:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1509:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1520:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1531:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1543:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1551:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1560:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1582:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (((int)strlen(param->grayFile) == 0) && data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1583:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((int)strlen(param->redFile) == 0) && data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1584:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
((int)strlen(param->greenFile) == 0) && data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1585:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((int)strlen(param->blueFile) == 0)) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1619:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].type, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1620:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].coordSys, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1621:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].color, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1622:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].dataFile, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1623:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy (param->overlay[l].dataPath, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1624:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].datadir, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1625:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].visible, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1626:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].dataCol, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1627:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].dataType, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1628:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].dataRef, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1629:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].symType, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1630:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].symSize, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1631:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].symSide, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1632:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].location, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1633:9: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].text, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1692:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1712:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1731:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1766:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1782:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].symType, "0"); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1788:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1800:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].symSide, "3"); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1806:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1825:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1837:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].dataCol, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1843:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1855:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].dataType, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1861:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1873:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy (param->overlay[l].dataRef, ""); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1879:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1948:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param->overlay[l].symSize, "9"); data/montage-6.0+dfsg/web/mViewer/extractViewParam.c:1954:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(str) > 0) { data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:958:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (substr1, hdr->ctype[ind], 4); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:960:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (substr2, substr1, 3); data/montage-6.0+dfsg/web/mViewer/getFitshdr.c:980:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (substr2, substr1, 2); data/montage-6.0+dfsg/web/mViewer/imZoom.c:690:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(param->subsetredfile) == 0) { data/montage-6.0+dfsg/web/mViewer/imZoom.c:697:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->subsetgrnfile) == 0) { data/montage-6.0+dfsg/web/mViewer/imZoom.c:704:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->subsetbluefile) == 0) { data/montage-6.0+dfsg/web/mViewer/imZoom.c:781:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->subsetimfile) == 0) { data/montage-6.0+dfsg/web/mViewer/makeImage.c:245:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->subsetimfile) > 0) data/montage-6.0+dfsg/web/mViewer/makeImage.c:262:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->redFile) > 0) { data/montage-6.0+dfsg/web/mViewer/makeImage.c:265:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->greenFile) > 0) { data/montage-6.0+dfsg/web/mViewer/makeImage.c:268:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(param->blueFile) > 0) { data/montage-6.0+dfsg/web/mViewer/makeImage.c:275:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->subsetredfile) > 0) data/montage-6.0+dfsg/web/mViewer/makeImage.c:288:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->subsetgrnfile) > 0) data/montage-6.0+dfsg/web/mViewer/makeImage.c:297:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->subsetbluefile) > 0) data/montage-6.0+dfsg/web/mViewer/makeImage.c:476:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->redFile) > 0) { data/montage-6.0+dfsg/web/mViewer/makeImage.c:533:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->greenFile) > 0) { data/montage-6.0+dfsg/web/mViewer/makeImage.c:589:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->blueFile) > 0) { data/montage-6.0+dfsg/web/mViewer/makeImage.c:900:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(param->overlay[l].datadir) > 0) { data/montage-6.0+dfsg/web/mViewer/makeImage.c:975:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(symside) == 0) { data/montage-6.0+dfsg/web/mViewer/makeImage.c:976:11: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (symside, "3"); data/montage-6.0+dfsg/web/mViewer/makeImage.c:980:18: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (symtype, "0"); data/montage-6.0+dfsg/web/mViewer/makeImage.c:983:18: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (symtype, "1"); data/montage-6.0+dfsg/web/mViewer/makeImage.c:986:18: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (symtype, "2"); data/montage-6.0+dfsg/web/mViewer/makeImage.c:991:11: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy (symtype, "0"); data/montage-6.0+dfsg/web/mViewer/makeImage.c:992:11: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (symside, "4"); data/montage-6.0+dfsg/web/mViewer/makeImage.c:1019:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param->overlay[l].dataCol) == 0) { data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:111:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(cmd[strlen(cmd) - 1] == '\n') data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:112:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmd[strlen(cmd) - 1] = '\0'; data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:155:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int)strlen(strval); data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:175:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (endptr < str + (int)strlen(str)) { data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:195:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (endptr < strval + strlen(strval)) { data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:218:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (ptr != (str + strlen(str))) data/montage-6.0+dfsg/web/mViewer/mviewerUtil.c:257:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). t = s + strlen(s); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:288:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param.cubedatadir) > 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:353:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param.grayFile) == 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:449:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param.imdatadir) > 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:519:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param.imdatadir) > 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:562:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int)strlen(param.imdatadir) > 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:605:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param.imdatadir) > 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:668:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param.imageFile) == 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:742:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param.subsetimfile, ""); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:745:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param.shrunkimfile) == 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:769:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param.subsetredfile, ""); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:770:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param.subsetgrnfile, ""); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:771:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (param.subsetbluefile, ""); data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:774:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param.shrunkredfile) == 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:781:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param.shrunkgrnfile) == 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:788:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int)strlen(param.shrunkbluefile) == 0) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:906:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (((int)strlen(hdr.csysstr) > 0) && data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:907:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((int)strlen(hdr.epochstr) > 0)) { data/montage-6.0+dfsg/web/mViewer/nph-mViewer.c:948:6: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (refJpgpath, ""); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:119:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(fileName, ""); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:129:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(directory, "/"); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:132:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(baseURL, "/"); data/montage-6.0+dfsg/web/mViewer/nph-mViewerHdr.c:144:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = fileName + strlen(fileName); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:94:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(prefix, ""); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:120:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(directory, "/"); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:124:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(baseFile, "/"); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:148:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(prefix) == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:212:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(prefix) == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:257:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tmpstr) > 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:290:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(prefix) == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:320:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(prevname, ""); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:332:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(colname) == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:335:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(label) > 5 && strcmp(label+strlen(label)-5, "(val)") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:335:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(label) > 5 && strcmp(label+strlen(label)-5, "(val)") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:336:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(label+strlen(label)-5) = '\0'; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:338:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(colname) > 8 && strcmp(colname+strlen(colname)-8, "_display") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:338:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(colname) > 8 && strcmp(colname+strlen(colname)-8, "_display") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:339:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(colname+strlen(colname)-8) = '\0'; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:341:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if(strlen(colname) > 4 && strcmp(colname+strlen(colname)-4, "_str") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:341:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(colname) > 4 && strcmp(colname+strlen(colname)-4, "_str") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:342:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(colname+strlen(colname)-4) = '\0'; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:344:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(colname) > 3 && strcmp(colname+strlen(colname)-3, "str") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:344:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(colname) > 3 && strcmp(colname+strlen(colname)-3, "str") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:345:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(colname+strlen(colname)-3) = '\0'; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:377:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(prevname, ""); data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:389:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(colname) == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:392:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(colname) > 8 && strcmp(colname+strlen(colname)-8, "_display") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:392:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(colname) > 8 && strcmp(colname+strlen(colname)-8, "_display") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:393:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(colname+strlen(colname)-8) = '\0'; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:395:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(colname) > 4 && strcmp(colname+strlen(colname)-4, "_str") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:395:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(colname) > 4 && strcmp(colname+strlen(colname)-4, "_str") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:396:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
*(colname+strlen(colname)-4) = '\0'; data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:398:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(colname) > 3 && strcmp(colname+strlen(colname)-3, "str") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:398:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(colname) > 3 && strcmp(colname+strlen(colname)-3, "str") == 0) data/montage-6.0+dfsg/web/mViewer/nph-mViewerInfo.c:399:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(colname+strlen(colname)-3) = '\0'; data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:111:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptr = fileName + strlen(fileName); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:158:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(directory, "/"); data/montage-6.0+dfsg/web/mViewer/nph-mViewerStats.c:161:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(baseURL, "/"); data/montage-6.0+dfsg/web/mViewer/parseCsysstr.c:109:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (endptr < str + strlen(str)) { data/montage-6.0+dfsg/web/mViewer/pick.c:735:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (((int)strlen(rastr) == 0) || data/montage-6.0+dfsg/web/mViewer/pick.c:736:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((int)strlen(decstr) == 0)) { data/montage-6.0+dfsg/web/mViewer/pick.c:1057:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (((int)strlen(rastr) == 0) || data/montage-6.0+dfsg/web/mViewer/pick.c:1058:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((int)strlen(decstr) == 0)) { data/montage-6.0+dfsg/web/mViewer/pick.c:1101:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (((int)strlen(rastr) == 0) || data/montage-6.0+dfsg/web/mViewer/pick.c:1102:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ((int)strlen(decstr) == 0)) { data/montage-6.0+dfsg/web/mViewer/writeFitshdrHtml.c:127:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  if(line[strlen(line)-1] == '\n')
data/montage-6.0+dfsg/web/mViewer/writeFitshdrHtml.c:128:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  line[strlen(line)-1] = '\0';
data/montage-6.0+dfsg/web/mViewer/writeFitshdrHtml.c:144:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ptr = keyword + strlen(keyword);

ANALYSIS SUMMARY:

Hits = 14460
Lines analyzed = 309160 in approximately 9.24 seconds (33448 lines/second)
Physical Source Lines of Code (SLOC) = 206491
Hits@level = [0] 12089 [1] 2972 [2] 6852 [3] 258 [4] 4370 [5] 8
Hits@level+ = [0+] 26549 [1+] 14460 [2+] 11488 [3+] 4636 [4+] 4378 [5+] 8
Hits/KSLOC@level+ = [0+] 128.572 [1+] 70.0273 [2+] 55.6344 [3+] 22.4513 [4+] 21.2019 [5+] 0.0387426
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.