Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/motif-2.3.8/localized/util/mkcatdefs.c
Examining data/motif-2.3.8/localized/util/mkmsgcat.c
Examining data/motif-2.3.8/lib/Xm/ComboBox.c
Examining data/motif-2.3.8/lib/Xm/XmStringSeg.c
Examining data/motif-2.3.8/lib/Xm/DropSMgrP.h
Examining data/motif-2.3.8/lib/Xm/TearOffBP.h
Examining data/motif-2.3.8/lib/Xm/ArrowB.h
Examining data/motif-2.3.8/lib/Xm/Transltns.c
Examining data/motif-2.3.8/lib/Xm/UniqueEvnI.h
Examining data/motif-2.3.8/lib/Xm/ChColor.c
Examining data/motif-2.3.8/lib/Xm/Xpmmisc.c
Examining data/motif-2.3.8/lib/Xm/DropDown.h
Examining data/motif-2.3.8/lib/Xm/TransferI.h
Examining data/motif-2.3.8/lib/Xm/FocusAct.c
Examining data/motif-2.3.8/lib/Xm/DialogSavvyT.h
Examining data/motif-2.3.8/lib/Xm/FileSB.h
Examining data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c
Examining data/motif-2.3.8/lib/Xm/xmlist.c
Examining data/motif-2.3.8/lib/Xm/XmIm.h
Examining data/motif-2.3.8/lib/Xm/PushBG.h
Examining data/motif-2.3.8/lib/Xm/TearOffI.h
Examining data/motif-2.3.8/lib/Xm/GMUtilsI.h
Examining data/motif-2.3.8/lib/Xm/DataF.h
Examining data/motif-2.3.8/lib/Xm/SelectioB.h
Examining data/motif-2.3.8/lib/Xm/DisplayP.h
Examining data/motif-2.3.8/lib/Xm/ArrowB.c
Examining data/motif-2.3.8/lib/Xm/Screen.c
Examining data/motif-2.3.8/lib/Xm/FontSP.h
Examining data/motif-2.3.8/lib/Xm/TabStackP.h
Examining data/motif-2.3.8/lib/Xm/Xpms_popen.c
Examining data/motif-2.3.8/lib/Xm/ProtocolsP.h
Examining data/motif-2.3.8/lib/Xm/PrimitiveI.h
Examining data/motif-2.3.8/lib/Xm/SSpinBP.h
Examining data/motif-2.3.8/lib/Xm/ColorS.h
Examining data/motif-2.3.8/lib/Xm/Obso1_2.c
Examining data/motif-2.3.8/lib/Xm/XpmImage.c
Examining data/motif-2.3.8/lib/Xm/TextStrSoP.h
Examining data/motif-2.3.8/lib/Xm/DragCP.h
Examining data/motif-2.3.8/lib/Xm/ScrollFrameT.h
Examining data/motif-2.3.8/lib/Xm/Gadget.h
Examining data/motif-2.3.8/lib/Xm/ResInd.c
Examining data/motif-2.3.8/lib/Xm/Picture.c
Examining data/motif-2.3.8/lib/Xm/MenuShellP.h
Examining data/motif-2.3.8/lib/Xm/Xpmrgb.c
Examining data/motif-2.3.8/lib/Xm/Scale.c
Examining data/motif-2.3.8/lib/Xm/MenuStateP.h
Examining data/motif-2.3.8/lib/Xm/Desktop.c
Examining data/motif-2.3.8/lib/Xm/TextSel.c
Examining data/motif-2.3.8/lib/Xm/PanedW.c
Examining data/motif-2.3.8/lib/Xm/SelectioBI.h
Examining data/motif-2.3.8/lib/Xm/CascadeBP.h
Examining data/motif-2.3.8/lib/Xm/Resolve.c
Examining data/motif-2.3.8/lib/Xm/PictureP.h
Examining data/motif-2.3.8/lib/Xm/ObsoXme.c
Examining data/motif-2.3.8/lib/Xm/ColorP.h
Examining data/motif-2.3.8/lib/Xm/Command.h
Examining data/motif-2.3.8/lib/Xm/MultiList.h
Examining data/motif-2.3.8/lib/Xm/IconHP.h
Examining data/motif-2.3.8/lib/Xm/RCPopup.c
Examining data/motif-2.3.8/lib/Xm/ArrowBGP.h
Examining data/motif-2.3.8/lib/Xm/TravActI.h
Examining data/motif-2.3.8/lib/Xm/TextOut.c
Examining data/motif-2.3.8/lib/Xm/SpecRenderT.h
Examining data/motif-2.3.8/lib/Xm/MenuProcI.h
Examining data/motif-2.3.8/lib/Xm/PixConvI.h
Examining data/motif-2.3.8/lib/Xm/SyntheticI.h
Examining data/motif-2.3.8/lib/Xm/TextSelP.h
Examining data/motif-2.3.8/lib/Xm/DragC.h
Examining data/motif-2.3.8/lib/Xm/RCMenuP.h
Examining data/motif-2.3.8/lib/Xm/GeoUtils.c
Examining data/motif-2.3.8/lib/Xm/SpinB.h
Examining data/motif-2.3.8/lib/Xm/CacheI.h
Examining data/motif-2.3.8/lib/Xm/DestI.h
Examining data/motif-2.3.8/lib/Xm/DrawnBP.h
Examining data/motif-2.3.8/lib/Xm/XmStringI.h
Examining data/motif-2.3.8/lib/Xm/MenuShellI.h
Examining data/motif-2.3.8/lib/Xm/DropSMgr.h
Examining data/motif-2.3.8/lib/Xm/Primitive.c
Examining data/motif-2.3.8/lib/Xm/PngI.h
Examining data/motif-2.3.8/lib/Xm/GetRes.c
Examining data/motif-2.3.8/lib/Xm/DragDrop.h
Examining data/motif-2.3.8/lib/Xm/Paned.c
Examining data/motif-2.3.8/lib/Xm/TextInI.h
Examining data/motif-2.3.8/lib/Xm/XpmCrIFrDat.c
Examining data/motif-2.3.8/lib/Xm/SlideCP.h
Examining data/motif-2.3.8/lib/Xm/CallbackI.h
Examining data/motif-2.3.8/lib/Xm/TextI.h
Examining data/motif-2.3.8/lib/Xm/Tree.h
Examining data/motif-2.3.8/lib/Xm/Direction.c
Examining data/motif-2.3.8/lib/Xm/Sash.c
Examining data/motif-2.3.8/lib/Xm/EditresCom.c
Examining data/motif-2.3.8/lib/Xm/Frame.h
Examining data/motif-2.3.8/lib/Xm/VaSimpleI.h
Examining data/motif-2.3.8/lib/Xm/TranslNew.c
Examining data/motif-2.3.8/lib/Xm/ArrowBG.h
Examining data/motif-2.3.8/lib/Xm/Obso2_0.c
Examining data/motif-2.3.8/lib/Xm/ToggleBGP.h
Examining data/motif-2.3.8/lib/Xm/TabBox.h
Examining data/motif-2.3.8/lib/Xm/VendorSE.c
Examining data/motif-2.3.8/lib/Xm/DrTog.c
Examining data/motif-2.3.8/lib/Xm/TextDIconI.h
Examining data/motif-2.3.8/lib/Xm/XpmRdFToP.c
Examining data/motif-2.3.8/lib/Xm/MenuUtil.c
Examining data/motif-2.3.8/lib/Xm/Protocols.c
Examining data/motif-2.3.8/lib/Xm/Xpmhashtab.c
Examining data/motif-2.3.8/lib/Xm/HashI.h
Examining data/motif-2.3.8/lib/Xm/ToolTip.c
Examining data/motif-2.3.8/lib/Xm/Hash.c
Examining data/motif-2.3.8/lib/Xm/VaSimple.c
Examining data/motif-2.3.8/lib/Xm/IconGI.h
Examining data/motif-2.3.8/lib/Xm/xmlist.h
Examining data/motif-2.3.8/lib/Xm/Notebook.h
Examining data/motif-2.3.8/lib/Xm/XmExtUtil.c
Examining data/motif-2.3.8/lib/Xm/ShellEP.h
Examining data/motif-2.3.8/lib/Xm/DialogS.c
Examining data/motif-2.3.8/lib/Xm/SeparatoGI.h
Examining data/motif-2.3.8/lib/Xm/Label.c
Examining data/motif-2.3.8/lib/Xm/RCHookI.h
Examining data/motif-2.3.8/lib/Xm/TextP.h
Examining data/motif-2.3.8/lib/Xm/DragOverS.h
Examining data/motif-2.3.8/lib/Xm/IconBoxP.h
Examining data/motif-2.3.8/lib/Xm/DragC.c
Examining data/motif-2.3.8/lib/Xm/TextF.h
Examining data/motif-2.3.8/lib/Xm/DialogS.h
Examining data/motif-2.3.8/lib/Xm/Primitive.h
Examining data/motif-2.3.8/lib/Xm/XmImI.h
Examining data/motif-2.3.8/lib/Xm/IconButtonP.h
Examining data/motif-2.3.8/lib/Xm/ButtonBox.h
Examining data/motif-2.3.8/lib/Xm/RCLayoutI.h
Examining data/motif-2.3.8/lib/Xm/TextSelI.h
Examining data/motif-2.3.8/lib/Xm/SelectioB.c
Examining data/motif-2.3.8/lib/Xm/TextFSel.c
Examining data/motif-2.3.8/lib/Xm/SlideC.h
Examining data/motif-2.3.8/lib/Xm/PanedWP.h
Examining data/motif-2.3.8/lib/Xm/Xmos_r.h
Examining data/motif-2.3.8/lib/Xm/OutlineP.h
Examining data/motif-2.3.8/lib/Xm/ComboBoxP.h
Examining data/motif-2.3.8/lib/Xm/XpmCrPFrI.c
Examining data/motif-2.3.8/lib/Xm/Tree.c
Examining data/motif-2.3.8/lib/Xm/MenuShell.c
Examining data/motif-2.3.8/lib/Xm/ResConvert.c
Examining data/motif-2.3.8/lib/Xm/IconBox.h
Examining data/motif-2.3.8/lib/Xm/MapEventsI.h
Examining data/motif-2.3.8/lib/Xm/DropTrans.c
Examining data/motif-2.3.8/lib/Xm/CascadeBGP.h
Examining data/motif-2.3.8/lib/Xm/TabBox.c
Examining data/motif-2.3.8/lib/Xm/BulletinBP.h
Examining data/motif-2.3.8/lib/Xm/XmStrDefs22.h
Examining data/motif-2.3.8/lib/Xm/CallbackI.c
Examining data/motif-2.3.8/lib/Xm/DragIcon.c
Examining data/motif-2.3.8/lib/Xm/ToolTipT.h
Examining data/motif-2.3.8/lib/Xm/Xm.c
Examining data/motif-2.3.8/lib/Xm/XmString.c
Examining data/motif-2.3.8/lib/Xm/ScrolledWP.h
Examining data/motif-2.3.8/lib/Xm/IsMwmRun.c
Examining data/motif-2.3.8/lib/Xm/TraitI.h
Examining data/motif-2.3.8/lib/Xm/LabelGI.h
Examining data/motif-2.3.8/lib/Xm/Column.h
Examining data/motif-2.3.8/lib/Xm/CascadeBI.h
Examining data/motif-2.3.8/lib/Xm/DrawUtils.c
Examining data/motif-2.3.8/lib/Xm/XmStringFunc.c
Examining data/motif-2.3.8/lib/Xm/ScroVis.c
Examining data/motif-2.3.8/lib/Xm/CareVisualTI.h
Examining data/motif-2.3.8/lib/Xm/GrabShell.h
Examining data/motif-2.3.8/lib/Xm/XpmCrIFrBuf.c
Examining data/motif-2.3.8/lib/Xm/DropSMgr.c
Examining data/motif-2.3.8/lib/Xm/XmosP.h
Examining data/motif-2.3.8/lib/Xm/CommandP.h
Examining data/motif-2.3.8/lib/Xm/ToggleB.h
Examining data/motif-2.3.8/lib/Xm/XpmCrPFrDat.c
Examining data/motif-2.3.8/lib/Xm/VendorSEI.h
Examining data/motif-2.3.8/lib/Xm/BBUtil.c
Examining data/motif-2.3.8/lib/Xm/SpinB.c
Examining data/motif-2.3.8/lib/Xm/ToolTipCT.h
Examining data/motif-2.3.8/lib/Xm/BitmapsI.h
Examining data/motif-2.3.8/lib/Xm/Notebook.c
Examining data/motif-2.3.8/lib/Xm/XpmInfo.c
Examining data/motif-2.3.8/lib/Xm/TxtPropCv.c
Examining data/motif-2.3.8/lib/Xm/IconH.h
Examining data/motif-2.3.8/lib/Xm/XpmWrFFrDat.c
Examining data/motif-2.3.8/lib/Xm/DrawUtils.h
Examining data/motif-2.3.8/lib/Xm/BaseClass.c
Examining data/motif-2.3.8/lib/Xm/SeparatoGP.h
Examining data/motif-2.3.8/lib/Xm/Picture.h
Examining data/motif-2.3.8/lib/Xm/DialogSP.h
Examining data/motif-2.3.8/lib/Xm/UniqueEvnt.c
Examining data/motif-2.3.8/lib/Xm/FileSBP.h
Examining data/motif-2.3.8/lib/Xm/List.c
Examining data/motif-2.3.8/lib/Xm/GadgetUtiI.h
Examining data/motif-2.3.8/lib/Xm/PushB.h
Examining data/motif-2.3.8/lib/Xm/XmStringObso.c
Examining data/motif-2.3.8/lib/Xm/ScrollFramTI.h
Examining data/motif-2.3.8/lib/Xm/VendorSI.h
Examining data/motif-2.3.8/lib/Xm/SSpinB.c
Examining data/motif-2.3.8/lib/Xm/CommandI.h
Examining data/motif-2.3.8/lib/Xm/MultiListP.h
Examining data/motif-2.3.8/lib/Xm/HierarchyP.h
Examining data/motif-2.3.8/lib/Xm/UnhighlightT.h
Examining data/motif-2.3.8/lib/Xm/ResEncod.c
Examining data/motif-2.3.8/lib/Xm/ContItemT.h
Examining data/motif-2.3.8/lib/Xm/SelectioBP.h
Examining data/motif-2.3.8/lib/Xm/VaSimpleP.h
Examining data/motif-2.3.8/lib/Xm/BulletinBI.h
Examining data/motif-2.3.8/lib/Xm/TravAct.c
Examining data/motif-2.3.8/lib/Xm/ScrollBarP.h
Examining data/motif-2.3.8/lib/Xm/TransferT.h
Examining data/motif-2.3.8/lib/Xm/AccTextT.h
Examining data/motif-2.3.8/lib/Xm/Cache.c
Examining data/motif-2.3.8/lib/Xm/DialogSE.c
Examining data/motif-2.3.8/lib/Xm/XmIm.c
Examining data/motif-2.3.8/lib/Xm/TearOff.c
Examining data/motif-2.3.8/lib/Xm/GetPixData.c
Examining data/motif-2.3.8/lib/Xm/PushBP.h
Examining data/motif-2.3.8/lib/Xm/ScrolledWI.h
Examining data/motif-2.3.8/lib/Xm/ImageCachI.h
Examining data/motif-2.3.8/lib/Xm/CntrbmI.h
Examining data/motif-2.3.8/lib/Xm/DragBSI.h
Examining data/motif-2.3.8/lib/Xm/Hierarchy.c
Examining data/motif-2.3.8/lib/Xm/ComboBox.h
Examining data/motif-2.3.8/lib/Xm/RegionI.h
Examining data/motif-2.3.8/lib/Xm/IconG.c
Examining data/motif-2.3.8/lib/Xm/Ext18ListP.h
Examining data/motif-2.3.8/lib/Xm/RCHook.c
Examining data/motif-2.3.8/lib/Xm/ScrollBar.h
Examining data/motif-2.3.8/lib/Xm/TabBoxP.h
Examining data/motif-2.3.8/lib/Xm/TransferP.h
Examining data/motif-2.3.8/lib/Xm/FormP.h
Examining data/motif-2.3.8/lib/Xm/DrawingA.c
Examining data/motif-2.3.8/lib/Xm/PanedW.h
Examining data/motif-2.3.8/lib/Xm/ResEncodI.h
Examining data/motif-2.3.8/lib/Xm/DragIconP.h
Examining data/motif-2.3.8/lib/Xm/ToggleBGI.h
Examining data/motif-2.3.8/lib/Xm/Separator.c
Examining data/motif-2.3.8/lib/Xm/VirtKeys.c
Examining data/motif-2.3.8/lib/Xm/LabelG.h
Examining data/motif-2.3.8/lib/Xm/XmStringGet.c
Examining data/motif-2.3.8/lib/Xm/Label.h
Examining data/motif-2.3.8/lib/Xm/Outline.c
Examining data/motif-2.3.8/lib/Xm/XmRenderTI.h
Examining data/motif-2.3.8/lib/Xm/TraversalI.h
Examining data/motif-2.3.8/lib/Xm/Simple.c
Examining data/motif-2.3.8/lib/Xm/Screen.h
Examining data/motif-2.3.8/lib/Xm/MainW.c
Examining data/motif-2.3.8/lib/Xm/Transfer.h
Examining data/motif-2.3.8/lib/Xm/XpmP.h
Examining data/motif-2.3.8/lib/Xm/PointInT.h
Examining data/motif-2.3.8/lib/Xm/SeparatorP.h
Examining data/motif-2.3.8/lib/Xm/LabelG.c
Examining data/motif-2.3.8/lib/Xm/BaseClassI.h
Examining data/motif-2.3.8/lib/Xm/MessageB.c
Examining data/motif-2.3.8/lib/Xm/XmMsgI.h
Examining data/motif-2.3.8/lib/Xm/TabStack.h
Examining data/motif-2.3.8/lib/Xm/SeparatoG.h
Examining data/motif-2.3.8/lib/Xm/Png.c
Examining data/motif-2.3.8/lib/Xm/TextFSelP.h
Examining data/motif-2.3.8/lib/Xm/GrabShellP.h
Examining data/motif-2.3.8/lib/Xm/DragIcon.h
Examining data/motif-2.3.8/lib/Xm/ExtP.h
Examining data/motif-2.3.8/lib/Xm/ArrowBP.h
Examining data/motif-2.3.8/lib/Xm/JoinSideT.h
Examining data/motif-2.3.8/lib/Xm/GeoUtilsI.h
Examining data/motif-2.3.8/lib/Xm/CareVisualT.h
Examining data/motif-2.3.8/lib/Xm/PixConv.c
Examining data/motif-2.3.8/lib/Xm/TreeP.h
Examining data/motif-2.3.8/lib/Xm/TextFind.c
Examining data/motif-2.3.8/lib/Xm/ManagerI.h
Examining data/motif-2.3.8/lib/Xm/Command.c
Examining data/motif-2.3.8/lib/Xm/XpmCrBufFrP.c
Examining data/motif-2.3.8/lib/Xm/Synthetic.c
Examining data/motif-2.3.8/lib/Xm/PrintSI.h
Examining data/motif-2.3.8/lib/Xm/TxtPropCv.h
Examining data/motif-2.3.8/lib/Xm/XpmRdFToI.c
Examining data/motif-2.3.8/lib/Xm/GadgetI.h
Examining data/motif-2.3.8/lib/Xm/XpmWrFFrI.c
Examining data/motif-2.3.8/lib/Xm/BulletinB.h
Examining data/motif-2.3.8/lib/Xm/PushB.c
Examining data/motif-2.3.8/lib/Xm/XmTabList.c
Examining data/motif-2.3.8/lib/Xm/SashP.h
Examining data/motif-2.3.8/lib/Xm/Xmfuncs.h
Examining data/motif-2.3.8/lib/Xm/ScrollBar.c
Examining data/motif-2.3.8/lib/Xm/RowColumn.c
Examining data/motif-2.3.8/lib/Xm/ReadImageI.h
Examining data/motif-2.3.8/lib/Xm/AtomMgr.h
Examining data/motif-2.3.8/lib/Xm/ScreenP.h
Examining data/motif-2.3.8/lib/Xm/VendorSP.h
Examining data/motif-2.3.8/lib/Xm/ContainerP.h
Examining data/motif-2.3.8/lib/Xm/DisplayI.h
Examining data/motif-2.3.8/lib/Xm/ShellE.c
Examining data/motif-2.3.8/lib/Xm/ColorObjP.h
Examining data/motif-2.3.8/lib/Xm/CascadeBGI.h
Examining data/motif-2.3.8/lib/Xm/FrameP.h
Examining data/motif-2.3.8/lib/Xm/NavigatorT.h
Examining data/motif-2.3.8/lib/Xm/LabelP.h
Examining data/motif-2.3.8/lib/Xm/TextStrSo.c
Examining data/motif-2.3.8/lib/Xm/JpegI.h
Examining data/motif-2.3.8/lib/Xm/MenuUtilP.h
Examining data/motif-2.3.8/lib/Xm/Draw.c
Examining data/motif-2.3.8/lib/Xm/IconGP.h
Examining data/motif-2.3.8/lib/Xm/RCLayout.c
Examining data/motif-2.3.8/lib/Xm/Hierarchy.h
Examining data/motif-2.3.8/lib/Xm/DropTransP.h
Examining data/motif-2.3.8/lib/Xm/Jpeg.c
Examining data/motif-2.3.8/lib/Xm/ScaleP.h
Examining data/motif-2.3.8/lib/Xm/GadgetP.h
Examining data/motif-2.3.8/lib/Xm/ColObjFunc.c
Examining data/motif-2.3.8/lib/Xm/RowColumnI.h
Examining data/motif-2.3.8/lib/Xm/ColorObj.c
Examining data/motif-2.3.8/lib/Xm/Manager.c
Examining data/motif-2.3.8/lib/Xm/ColorSP.h
Examining data/motif-2.3.8/lib/Xm/SlideC.c
Examining data/motif-2.3.8/lib/Xm/ExtObjectI.h
Examining data/motif-2.3.8/lib/Xm/IconBox.c
Examining data/motif-2.3.8/lib/Xm/Display.c
Examining data/motif-2.3.8/lib/Xm/XmStrDefs.c
Examining data/motif-2.3.8/lib/Xm/TextIn.c
Examining data/motif-2.3.8/lib/Xm/ToolTipI.h
Examining data/motif-2.3.8/lib/Xm/IconH.c
Examining data/motif-2.3.8/lib/Xm/DragOverSP.h
Examining data/motif-2.3.8/lib/Xm/Frame.c
Examining data/motif-2.3.8/lib/Xm/Xpmdata.c
Examining data/motif-2.3.8/lib/Xm/TearOffP.h
Examining data/motif-2.3.8/lib/Xm/ProtocolsI.h
Examining data/motif-2.3.8/lib/Xm/MessagesI.h
Examining data/motif-2.3.8/lib/Xm/DragOverS.c
Examining data/motif-2.3.8/lib/Xm/ScreenI.h
Examining data/motif-2.3.8/lib/Xm/PrintS.c
Examining data/motif-2.3.8/lib/Xm/XpmAttrib.c
Examining data/motif-2.3.8/lib/Xm/ToggleB.c
Examining data/motif-2.3.8/lib/Xm/ClipWindow.c
Examining data/motif-2.3.8/lib/Xm/XpmRdFToDat.c
Examining data/motif-2.3.8/lib/Xm/DrawP.h
Examining data/motif-2.3.8/lib/Xm/I18List.c
Examining data/motif-2.3.8/lib/Xm/DrawingA.h
Examining data/motif-2.3.8/lib/Xm/XmStrDefs.h
Examining data/motif-2.3.8/lib/Xm/DragUnderI.h
Examining data/motif-2.3.8/lib/Xm/DragCI.h
Examining data/motif-2.3.8/lib/Xm/PrimitiveP.h
Examining data/motif-2.3.8/lib/Xm/CascadeB.h
Examining data/motif-2.3.8/lib/Xm/CutPaste.c
Examining data/motif-2.3.8/lib/Xm/CacheP.h
Examining data/motif-2.3.8/lib/Xm/ComboBox2P.h
Examining data/motif-2.3.8/lib/Xm/DrArrow.c
Examining data/motif-2.3.8/lib/Xm/ListP.h
Examining data/motif-2.3.8/lib/Xm/Ext18List.h
Examining data/motif-2.3.8/lib/Xm/BaseClassP.h
Examining data/motif-2.3.8/lib/Xm/ToggleBG.h
Examining data/motif-2.3.8/lib/Xm/TextFSelI.h
Examining data/motif-2.3.8/lib/Xm/CareVisualT.c
Examining data/motif-2.3.8/lib/Xm/LabelI.h
Examining data/motif-2.3.8/lib/Xm/IconButton.h
Examining data/motif-2.3.8/lib/Xm/BulletinB.c
Examining data/motif-2.3.8/lib/Xm/TransltnsP.h
Examining data/motif-2.3.8/lib/Xm/Print.h
Examining data/motif-2.3.8/lib/Xm/IconFileP.h
Examining data/motif-2.3.8/lib/Xm/PrintSP.h
Examining data/motif-2.3.8/lib/Xm/ImageCache.c
Examining data/motif-2.3.8/lib/Xm/TakesDefT.h
Examining data/motif-2.3.8/lib/Xm/Dest.c
Examining data/motif-2.3.8/lib/Xm/Paned.h
Examining data/motif-2.3.8/lib/Xm/TravConT.h
Examining data/motif-2.3.8/lib/Xm/RCMenu.c
Examining data/motif-2.3.8/lib/Xm/DrawnB.c
Examining data/motif-2.3.8/lib/Xm/ResIndI.h
Examining data/motif-2.3.8/lib/Xm/ToggleBG.c
Examining data/motif-2.3.8/lib/Xm/DropSMgrI.h
Examining data/motif-2.3.8/lib/Xm/MenuProcP.h
Examining data/motif-2.3.8/lib/Xm/TearOffB.c
Examining data/motif-2.3.8/lib/Xm/DragICCI.h
Examining data/motif-2.3.8/lib/Xm/XmFontList.c
Examining data/motif-2.3.8/lib/Xm/CascadeBG.c
Examining data/motif-2.3.8/lib/Xm/DrHiDash.c
Examining data/motif-2.3.8/lib/Xm/XpmCrPFrBuf.c
Examining data/motif-2.3.8/lib/Xm/ResConverI.h
Examining data/motif-2.3.8/lib/Xm/IconFile.c
Examining data/motif-2.3.8/lib/Xm/Text.h
Examining data/motif-2.3.8/lib/Xm/GadgetUtil.c
Examining data/motif-2.3.8/lib/Xm/VirtKeysP.h
Examining data/motif-2.3.8/lib/Xm/ContainerT.h
Examining data/motif-2.3.8/lib/Xm/DropDownP.h
Examining data/motif-2.3.8/lib/Xm/TextStrSoI.h
Examining data/motif-2.3.8/lib/Xm/ActivatableT.h
Examining data/motif-2.3.8/lib/Xm/TraitP.h
Examining data/motif-2.3.8/lib/Xm/Color.c
Examining data/motif-2.3.8/lib/Xm/Outline.h
Examining data/motif-2.3.8/lib/Xm/MenuState.c
Examining data/motif-2.3.8/lib/Xm/Xpmcreate.c
Examining data/motif-2.3.8/lib/Xm/VendorS.c
Examining data/motif-2.3.8/lib/Xm/PushBG.c
Examining data/motif-2.3.8/lib/Xm/DrawingAI.h
Examining data/motif-2.3.8/lib/Xm/PanedP.h
Examining data/motif-2.3.8/lib/Xm/LayoutT.h
Examining data/motif-2.3.8/lib/Xm/Form.h
Examining data/motif-2.3.8/lib/Xm/Xpmscan.c
Examining data/motif-2.3.8/lib/Xm/Ext.h
Examining data/motif-2.3.8/lib/Xm/ScalTics.c
Examining data/motif-2.3.8/lib/Xm/ColumnP.h
Examining data/motif-2.3.8/lib/Xm/Xpmparse.c
Examining data/motif-2.3.8/lib/Xm/Form.c
Examining data/motif-2.3.8/lib/Xm/TextFI.h
Examining data/motif-2.3.8/lib/Xm/XpmRdFToBuf.c
Examining data/motif-2.3.8/lib/Xm/XmTabListI.h
Examining data/motif-2.3.8/lib/Xm/MenuUtilI.h
Examining data/motif-2.3.8/lib/Xm/Manager.h
Examining data/motif-2.3.8/lib/Xm/ScrollFrameT.c
Examining data/motif-2.3.8/lib/Xm/Xmos.c
Examining data/motif-2.3.8/lib/Xm/MapEvents.c
Examining data/motif-2.3.8/lib/Xm/Xmpoll.h
Examining data/motif-2.3.8/lib/Xm/TextInP.h
Examining data/motif-2.3.8/lib/Xm/ExtObject.c
Examining data/motif-2.3.8/lib/Xm/IconFile.h
Examining data/motif-2.3.8/lib/Xm/ButtonBox.c
Examining data/motif-2.3.8/lib/Xm/XpmI.h
Examining data/motif-2.3.8/lib/Xm/XmStrDefsI.h
Examining data/motif-2.3.8/lib/Xm/MenuShell.h
Examining data/motif-2.3.8/lib/Xm/ScrolledW.c
Examining data/motif-2.3.8/lib/Xm/XmStrDefs23.h
Examining data/motif-2.3.8/lib/Xm/TabList.c
Examining data/motif-2.3.8/lib/Xm/ManagerP.h
Examining data/motif-2.3.8/lib/Xm/SSpinB.h
Examining data/motif-2.3.8/lib/Xm/NotebookP.h
Examining data/motif-2.3.8/lib/Xm/ExtObjectP.h
Examining data/motif-2.3.8/lib/Xm/DropSMgrI.c
Examining data/motif-2.3.8/lib/Xm/RepTypeI.h
Examining data/motif-2.3.8/lib/Xm/TextFP.h
Examining data/motif-2.3.8/lib/Xm/ButtonBoxP.h
Examining data/motif-2.3.8/lib/Xm/Display.h
Examining data/motif-2.3.8/lib/Xm/FileSB.c
Examining data/motif-2.3.8/lib/Xm/DataFSelP.h
Examining data/motif-2.3.8/lib/Xm/DrPoly.c
Examining data/motif-2.3.8/lib/Xm/ClipWindowP.h
Examining data/motif-2.3.8/lib/Xm/DragOverSI.h
Examining data/motif-2.3.8/lib/Xm/MessageBI.h
Examining data/motif-2.3.8/lib/Xm/VirtKeys.h
Examining data/motif-2.3.8/lib/Xm/AccColorT.h
Examining data/motif-2.3.8/lib/Xm/CascadeB.c
Examining data/motif-2.3.8/lib/Xm/DesktopP.h
Examining data/motif-2.3.8/lib/Xm/TrackLoc.c
Examining data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c
Examining data/motif-2.3.8/lib/Xm/RepType.h
Examining data/motif-2.3.8/lib/Xm/MwmUtil.h
Examining data/motif-2.3.8/lib/Xm/MessageBP.h
Examining data/motif-2.3.8/lib/Xm/Region.c
Examining data/motif-2.3.8/lib/Xm/LabelGP.h
Examining data/motif-2.3.8/lib/Xm/DragICC.c
Examining data/motif-2.3.8/lib/Xm/DragUnder.c
Examining data/motif-2.3.8/lib/Xm/CascadeBG.h
Examining data/motif-2.3.8/lib/Xm/MessageB.h
Examining data/motif-2.3.8/lib/Xm/CutPaste.h
Examining data/motif-2.3.8/lib/Xm/VendorS.h
Examining data/motif-2.3.8/lib/Xm/MainWP.h
Examining data/motif-2.3.8/lib/Xm/IconG.h
Examining data/motif-2.3.8/lib/Xm/TextOutI.h
Examining data/motif-2.3.8/lib/Xm/XmP.h
Examining data/motif-2.3.8/lib/Xm/ValTime.c
Examining data/motif-2.3.8/lib/Xm/Container.h
Examining data/motif-2.3.8/lib/Xm/Container.c
Examining data/motif-2.3.8/lib/Xm/RowColumn.h
Examining data/motif-2.3.8/lib/Xm/GMUtils.c
Examining data/motif-2.3.8/lib/Xm/TraversalI.c
Examining data/motif-2.3.8/lib/Xm/ColorObjI.h
Examining data/motif-2.3.8/lib/Xm/Gadget.c
Examining data/motif-2.3.8/lib/Xm/XpmCrIFrP.c
Examining data/motif-2.3.8/lib/Xm/XpmCrDatFrP.c
Examining data/motif-2.3.8/lib/Xm/ObsoStr.c
Examining data/motif-2.3.8/lib/Xm/XmAll.h
Examining data/motif-2.3.8/lib/Xm/DrawI.h
Examining data/motif-2.3.8/lib/Xm/TextOutP.h
Examining data/motif-2.3.8/lib/Xm/XpmWrFFrBuf.c
Examining data/motif-2.3.8/lib/Xm/Protocols.h
Examining data/motif-2.3.8/lib/Xm/List.h
Examining data/motif-2.3.8/lib/Xm/ComboBox2.h
Examining data/motif-2.3.8/lib/Xm/SeparatoG.c
Examining data/motif-2.3.8/lib/Xm/SpinBP.h
Examining data/motif-2.3.8/lib/Xm/Text.c
Examining data/motif-2.3.8/lib/Xm/DialogSEP.h
Examining data/motif-2.3.8/lib/Xm/DataFP.h
Examining data/motif-2.3.8/lib/Xm/Column.c
Examining data/motif-2.3.8/lib/Xm/DrawingAP.h
Examining data/motif-2.3.8/lib/Xm/Transfer.c
Examining data/motif-2.3.8/lib/Xm/ReadImage.c
Examining data/motif-2.3.8/lib/Xm/MainW.h
Examining data/motif-2.3.8/lib/Xm/CvtUnit.c
Examining data/motif-2.3.8/lib/Xm/Trait.c
Examining data/motif-2.3.8/lib/Xm/XpmWrFFrP.c
Examining data/motif-2.3.8/lib/Xm/MenuProc.c
Examining data/motif-2.3.8/lib/Xm/FontS.h
Examining data/motif-2.3.8/lib/Xm/VirtKeysI.h
Examining data/motif-2.3.8/lib/Xm/DrawnB.h
Examining data/motif-2.3.8/lib/Xm/ArrowBG.c
Examining data/motif-2.3.8/lib/Xm/XmI.h
Examining data/motif-2.3.8/lib/Xm/CutPasteI.h
Examining data/motif-2.3.8/lib/Xm/MenuStateI.h
Examining data/motif-2.3.8/lib/Xm/ClipWindTI.h
Examining data/motif-2.3.8/lib/Xm/DragIconI.h
Examining data/motif-2.3.8/lib/Xm/PushBGP.h
Examining data/motif-2.3.8/lib/Xm/TabList.h
Examining data/motif-2.3.8/lib/Xm/RCMenuI.h
Examining data/motif-2.3.8/lib/Xm/RepType.c
Examining data/motif-2.3.8/lib/Xm/IconButton.c
Examining data/motif-2.3.8/lib/Xm/AtomMgr.c
Examining data/motif-2.3.8/lib/Xm/XmosI.h
Examining data/motif-2.3.8/lib/Xm/Scale.h
Examining data/motif-2.3.8/lib/Xm/TextFunc.c
Examining data/motif-2.3.8/lib/Xm/DropTrans.h
Examining data/motif-2.3.8/lib/Xm/ToggleBP.h
Examining data/motif-2.3.8/lib/Xm/GrabShell.c
Examining data/motif-2.3.8/lib/Xm/WidGet.c
Examining data/motif-2.3.8/lib/Xm/VendorSEP.h
Examining data/motif-2.3.8/lib/Xm/MultiList.c
Examining data/motif-2.3.8/lib/Xm/ColorI.h
Examining data/motif-2.3.8/lib/Xm/MenuT.h
Examining data/motif-2.3.8/lib/Xm/RowColumnP.h
Examining data/motif-2.3.8/lib/Xm/UnitTypeT.h
Examining data/motif-2.3.8/lib/Xm/RCLayoutP.h
Examining data/motif-2.3.8/lib/Xm/Separator.h
Examining data/motif-2.3.8/lib/Xm/DragBS.c
Examining data/motif-2.3.8/lib/Xm/DropDown.c
Examining data/motif-2.3.8/lib/Xm/ScrolledW.h
Examining data/motif-2.3.8/lib/Xm/Traversal.c
Examining data/motif-2.3.8/lib/Xm/FontS.c
Examining data/motif-2.3.8/lib/Xm/Messages.c
Examining data/motif-2.3.8/lib/Xm/ColorS.c
Examining data/motif-2.3.8/lib/Xm/XmRenderT.c
Examining data/motif-2.3.8/lib/Xm/DataF.c
Examining data/motif-2.3.8/lib/Xm/TextF.c
Examining data/motif-2.3.8/lib/Xm/EditresComI.h
Examining data/motif-2.3.8/lib/Xm/DataFSel.c
Examining data/motif-2.3.8/lib/Xm/TabStack.c
Examining data/motif-2.3.8/lib/Mrm/Mrmlwrite.c
Examining data/motif-2.3.8/lib/Mrm/MrmPublic.h
Examining data/motif-2.3.8/lib/Mrm/Mrmvm.c
Examining data/motif-2.3.8/lib/Mrm/Mrmtable.c
Examining data/motif-2.3.8/lib/Mrm/Mrmwrefs.c
Examining data/motif-2.3.8/lib/Mrm/IDB.h
Examining data/motif-2.3.8/lib/Mrm/MrmIheader.c
Examining data/motif-2.3.8/lib/Mrm/MrmIindex.c
Examining data/motif-2.3.8/lib/Mrm/Mrmos.c
Examining data/motif-2.3.8/lib/Mrm/Mrmappl.c
Examining data/motif-2.3.8/lib/Mrm/MrmMessages.c
Examining data/motif-2.3.8/lib/Mrm/MrmWidget.h
Examining data/motif-2.3.8/lib/Mrm/MrmIfile.c
Examining data/motif-2.3.8/lib/Mrm/Mrmmodule.c
Examining data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c
Examining data/motif-2.3.8/lib/Mrm/MrmItopw.c
Examining data/motif-2.3.8/lib/Mrm/Mrmwci.c
Examining data/motif-2.3.8/lib/Mrm/Mrmwwrite.c
Examining data/motif-2.3.8/lib/Mrm/MrmosI.h
Examining data/motif-2.3.8/lib/Mrm/Mrmerror.c
Examining data/motif-2.3.8/lib/Mrm/Mrm.h
Examining data/motif-2.3.8/lib/Mrm/MrmIbuffer.c
Examining data/motif-2.3.8/lib/Mrm/Mrmtime.c
Examining data/motif-2.3.8/lib/Mrm/Mrminit.c
Examining data/motif-2.3.8/lib/Mrm/Mrmwread.c
Examining data/motif-2.3.8/lib/Mrm/MrmIentry.c
Examining data/motif-2.3.8/lib/Mrm/MrmIrid.c
Examining data/motif-2.3.8/lib/Mrm/MrmAppl.h
Examining data/motif-2.3.8/lib/Mrm/MrmMsgI.h
Examining data/motif-2.3.8/lib/Mrm/MrmItop.c
Examining data/motif-2.3.8/lib/Mrm/MrmDecls.h
Examining data/motif-2.3.8/lib/Mrm/Mrmcontext.c
Examining data/motif-2.3.8/lib/Mrm/Mrmwvalues.c
Examining data/motif-2.3.8/lib/Mrm/MrmIswap.c
Examining data/motif-2.3.8/lib/Mrm/MrmIindexw.c
Examining data/motif-2.3.8/lib/Mrm/Mrmptrlist.c
Examining data/motif-2.3.8/lib/Mrm/Mrmhier.c
Examining data/motif-2.3.8/lib/Mrm/Mrmicon.c
Examining data/motif-2.3.8/lib/Mrm/Mrmlread.c
Examining data/motif-2.3.8/lib/Mrm/Mrmwcrw.c
Examining data/motif-2.3.8/tools/wml/UilSymArTa.h
Examining data/motif-2.3.8/tools/wml/UilUrmClas.h
Examining data/motif-2.3.8/tools/wml/UilSymChTa.h
Examining data/motif-2.3.8/tools/wml/wmlparse.h
Examining data/motif-2.3.8/tools/wml/UilSymArTy.h
Examining data/motif-2.3.8/tools/wml/UilKeyTab.h
Examining data/motif-2.3.8/tools/wml/UilSymNam.h
Examining data/motif-2.3.8/tools/wml/UilSymCtl.h
Examining data/motif-2.3.8/tools/wml/UilTokName.h
Examining data/motif-2.3.8/tools/wml/UilSymReas.h
Examining data/motif-2.3.8/tools/wml/UilSymChCl.h
Examining data/motif-2.3.8/tools/wml/UilLexPars.h
Examining data/motif-2.3.8/tools/wml/wml.h
Examining data/motif-2.3.8/tools/wml/Uil.h
Examining data/motif-2.3.8/tools/wml/wmluiltok.c
Examining data/motif-2.3.8/tools/wml/Uil.c
Examining data/motif-2.3.8/tools/wml/UilSymGen.h
Examining data/motif-2.3.8/tools/wml/wmlsynbld.c
Examining data/motif-2.3.8/tools/wml/UilSymCSet.h
Examining data/motif-2.3.8/tools/wml/UilDBDef.h
Examining data/motif-2.3.8/tools/wml/wmlutils.c
Examining data/motif-2.3.8/tools/wml/wml.c
Examining data/motif-2.3.8/tools/wml/UilLexPars.c
Examining data/motif-2.3.8/tools/wml/wmllex.c
Examining data/motif-2.3.8/tools/wml/UilSymEnum.h
Examining data/motif-2.3.8/tools/wml/UilSymRArg.h
Examining data/motif-2.3.8/tools/wml/wmldbcreate.c
Examining data/motif-2.3.8/tools/wml/wmlparse.c
Examining data/motif-2.3.8/tools/wml/wmloutp1.c
Examining data/motif-2.3.8/tools/wml/wmlresolve.c
Examining data/motif-2.3.8/tools/wml/UilConst.h
Examining data/motif-2.3.8/tools/wml/wmlouth.c
Examining data/motif-2.3.8/tools/wml/wmloutmm.c
Examining data/motif-2.3.8/tools/wml/wmloutkey.c
Examining data/motif-2.3.8/clients/uil/UilIODef.h
Examining data/motif-2.3.8/clients/uil/UilMessTab.h
Examining data/motif-2.3.8/clients/uil/UilSarDef.h
Examining data/motif-2.3.8/clients/uil/UilSarExp.c
Examining data/motif-2.3.8/clients/uil/UilP2Reslv.c
Examining data/motif-2.3.8/clients/uil/UilSemVal.c
Examining data/motif-2.3.8/clients/uil/UilSarMod.c
Examining data/motif-2.3.8/clients/uil/UilDiags.c
Examining data/motif-2.3.8/clients/uil/UilCmdDef.h
Examining data/motif-2.3.8/clients/uil/UilMain.c
Examining data/motif-2.3.8/clients/uil/UilCompGl.h
Examining data/motif-2.3.8/clients/uil/UilLexAna.c
Examining data/motif-2.3.8/clients/uil/UilSrcSrc.c
Examining data/motif-2.3.8/clients/uil/UilSrcDef.h
Examining data/motif-2.3.8/clients/uil/Uil.h
Examining data/motif-2.3.8/clients/uil/UilKeyTab.c
Examining data/motif-2.3.8/clients/uil/UilMess.h
Examining data/motif-2.3.8/clients/uil/UilSymDef.h
Examining data/motif-2.3.8/clients/uil/UilSemCSet.c
Examining data/motif-2.3.8/clients/uil/UilLstLst.c
Examining data/motif-2.3.8/clients/uil/UilSarComp.c
Examining data/motif-2.3.8/clients/uil/UilSymStor.c
Examining data/motif-2.3.8/clients/uil/UilSarObj.c
Examining data/motif-2.3.8/clients/uil/UilP2Out.c
Examining data/motif-2.3.8/clients/uil/UilLexPars.c
Examining data/motif-2.3.8/clients/uil/UilDB.c
Examining data/motif-2.3.8/clients/uil/UilData.c
Examining data/motif-2.3.8/clients/uil/UilDef.h
Examining data/motif-2.3.8/clients/uil/UilSarInc.c
Examining data/motif-2.3.8/clients/uil/UilSarProc.c
Examining data/motif-2.3.8/clients/uil/UilSymGl.h
Examining data/motif-2.3.8/clients/uil/UilDiagDef.h
Examining data/motif-2.3.8/clients/uil/UilLstMac.c
Examining data/motif-2.3.8/clients/uil/UilSymNam.c
Examining data/motif-2.3.8/clients/uil/UilSarVal.c
Examining data/motif-2.3.8/clients/uil/UilLexDef.h
Examining data/motif-2.3.8/clients/uil/UilDefI.h
Examining data/motif-2.3.8/clients/uil/UilCmd.c
Examining data/motif-2.3.8/clients/mwm/WmMenu.c
Examining data/motif-2.3.8/clients/mwm/WmIDecor.c
Examining data/motif-2.3.8/clients/mwm/WmEvent.h
Examining data/motif-2.3.8/clients/mwm/WmManage.c
Examining data/motif-2.3.8/clients/mwm/WmGlobal.h
Examining data/motif-2.3.8/clients/mwm/WmResNames.h
Examining data/motif-2.3.8/clients/mwm/WmWsm.c
Examining data/motif-2.3.8/clients/mwm/WmBitmap.h
Examining data/motif-2.3.8/clients/mwm/WmIPlace.h
Examining data/motif-2.3.8/clients/mwm/WmResCvt.c
Examining data/motif-2.3.8/clients/mwm/WmMenu.h
Examining data/motif-2.3.8/clients/mwm/WmWinList.c
Examining data/motif-2.3.8/clients/mwm/WmImage.h
Examining data/motif-2.3.8/clients/mwm/version.c
Examining data/motif-2.3.8/clients/mwm/WmIconBox.c
Examining data/motif-2.3.8/clients/mwm/WmCDInfo.h
Examining data/motif-2.3.8/clients/mwm/WmError.h
Examining data/motif-2.3.8/clients/mwm/WmResource.h
Examining data/motif-2.3.8/clients/mwm/WmImage.c
Examining data/motif-2.3.8/clients/mwm/WmFunction.c
Examining data/motif-2.3.8/clients/mwm/WmResCvt.h
Examining data/motif-2.3.8/clients/mwm/WmKeyFocus.h
Examining data/motif-2.3.8/clients/mwm/WmWinState.h
Examining data/motif-2.3.8/clients/mwm/WmWinList.h
Examining data/motif-2.3.8/clients/mwm/WmIBitmap.h
Examining data/motif-2.3.8/clients/mwm/WmWinInfo.c
Examining data/motif-2.3.8/clients/mwm/WmGraphics.c
Examining data/motif-2.3.8/clients/mwm/WmProtocol.h
Examining data/motif-2.3.8/clients/mwm/WmKeyFocus.c
Examining data/motif-2.3.8/clients/mwm/WmSignal.h
Examining data/motif-2.3.8/clients/mwm/WmInitWs.h
Examining data/motif-2.3.8/clients/mwm/WmCDecor.h
Examining data/motif-2.3.8/clients/mwm/WmProperty.c
Examining data/motif-2.3.8/clients/mwm/WmICCC.h
Examining data/motif-2.3.8/clients/mwm/WmDebug.h
Examining data/motif-2.3.8/clients/mwm/WmProperty.h
Examining data/motif-2.3.8/clients/mwm/WmCDInfo.c
Examining data/motif-2.3.8/clients/mwm/WmInitWs.c
Examining data/motif-2.3.8/clients/mwm/WmXSMP.c
Examining data/motif-2.3.8/clients/mwm/WmCmd.h
Examining data/motif-2.3.8/clients/mwm/WmResParse.h
Examining data/motif-2.3.8/clients/mwm/WmCDecor.c
Examining data/motif-2.3.8/clients/mwm/WmXSMP.h
Examining data/motif-2.3.8/clients/mwm/WmCPlace.h
Examining data/motif-2.3.8/clients/mwm/WmWinConf.c
Examining data/motif-2.3.8/clients/mwm/WmOL.h
Examining data/motif-2.3.8/clients/mwm/WmIPlace.c
Examining data/motif-2.3.8/clients/mwm/WmColormap.c
Examining data/motif-2.3.8/clients/mwm/WmMain.c
Examining data/motif-2.3.8/clients/mwm/WmWinConf.h
Examining data/motif-2.3.8/clients/mwm/WmCEvent.h
Examining data/motif-2.3.8/clients/mwm/WmFunction.h
Examining data/motif-2.3.8/clients/mwm/WmFeedback.c
Examining data/motif-2.3.8/clients/mwm/WmCEvent.c
Examining data/motif-2.3.8/clients/mwm/WmCmd.c
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/wsm_funcs.h
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/utm_send.c
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/recv.c
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/disp.c
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/send.c
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/free.c
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/wsm_proto.h
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/util.c
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/utm_send.h
Examining data/motif-2.3.8/clients/mwm/WmWsmLib/pack.c
Examining data/motif-2.3.8/clients/mwm/WmWsm.h
Examining data/motif-2.3.8/clients/mwm/WmColormap.h
Examining data/motif-2.3.8/clients/mwm/WmCPlace.c
Examining data/motif-2.3.8/clients/mwm/WmManage.h
Examining data/motif-2.3.8/clients/mwm/WmFeedback.h
Examining data/motif-2.3.8/clients/mwm/WmGraphics.h
Examining data/motif-2.3.8/clients/mwm/WmIDecor.h
Examining data/motif-2.3.8/clients/mwm/WmSignal.c
Examining data/motif-2.3.8/clients/mwm/WmResource.c
Examining data/motif-2.3.8/clients/mwm/WmResParse.c
Examining data/motif-2.3.8/clients/mwm/WmWinState.c
Examining data/motif-2.3.8/clients/mwm/WmWinInfo.h
Examining data/motif-2.3.8/clients/mwm/WmError.c
Examining data/motif-2.3.8/clients/mwm/WmIconBox.h
Examining data/motif-2.3.8/clients/mwm/WmProtocol.c
Examining data/motif-2.3.8/clients/mwm/WmEvent.c
Examining data/motif-2.3.8/clients/xmbind/xmbind.c
Examining data/motif-2.3.8/include/Dt/HelpQuickD.h
Examining data/motif-2.3.8/include/Dt/Editor.h
Examining data/motif-2.3.8/include/Dt/Help.h
Examining data/motif-2.3.8/include/Dt/TermPrim.h
Examining data/motif-2.3.8/include/Dt/Print.h
Examining data/motif-2.3.8/include/Dt/Term.h
Examining data/motif-2.3.8/include/Dt/MenuButton.h
Examining data/motif-2.3.8/include/Dt/HelpDialog.h
Examining data/motif-2.3.8/config/util/mergelib.cpp
Examining data/motif-2.3.8/config/util/lndir.c
Examining data/motif-2.3.8/config/util/xmkmf.cpp
Examining data/motif-2.3.8/config/util/mdepend.cpp
Examining data/motif-2.3.8/config/util/checktree.c
Examining data/motif-2.3.8/config/util/chownxterm.c
Examining data/motif-2.3.8/config/util/makestrs.c
Examining data/motif-2.3.8/demos/lib/Wsm/wsm_funcs.h
Examining data/motif-2.3.8/demos/lib/Wsm/utm_send.c
Examining data/motif-2.3.8/demos/lib/Wsm/recv.c
Examining data/motif-2.3.8/demos/lib/Wsm/disp.c
Examining data/motif-2.3.8/demos/lib/Wsm/send.c
Examining data/motif-2.3.8/demos/lib/Wsm/free.c
Examining data/motif-2.3.8/demos/lib/Wsm/wsm_proto.h
Examining data/motif-2.3.8/demos/lib/Wsm/debug.c
Examining data/motif-2.3.8/demos/lib/Wsm/util.c
Examining data/motif-2.3.8/demos/lib/Wsm/utm_send.h
Examining data/motif-2.3.8/demos/lib/Wsm/pack.c
Examining data/motif-2.3.8/demos/lib/Xmd/Help.c
Examining data/motif-2.3.8/demos/lib/Xmd/Menus.h
Examining data/motif-2.3.8/demos/lib/Xmd/RegEdit.h
Examining data/motif-2.3.8/demos/lib/Xmd/Help.h
Examining data/motif-2.3.8/demos/lib/Xmd/HelpP.h
Examining data/motif-2.3.8/demos/lib/Xmd/AdjView.h
Examining data/motif-2.3.8/demos/lib/Xmd/Print.c
Examining data/motif-2.3.8/demos/lib/Xmd/Print.h
Examining data/motif-2.3.8/demos/lib/Xmd/PrintP.h
Examining data/motif-2.3.8/demos/lib/Xmd/AdjView.c
Examining data/motif-2.3.8/demos/lib/Xmd/onHelp.c
Examining data/motif-2.3.8/demos/lib/Xmd/RegEditI.h
Examining data/motif-2.3.8/demos/lib/Xmd/Menus.c
Examining data/motif-2.3.8/demos/lib/Xmd/RegEdit.c
Examining data/motif-2.3.8/demos/lib/Exm/MenuB.c
Examining data/motif-2.3.8/demos/lib/Exm/StringTransP.h
Examining data/motif-2.3.8/demos/lib/Exm/Grid.c
Examining data/motif-2.3.8/demos/lib/Exm/MenuBP.h
Examining data/motif-2.3.8/demos/lib/Exm/SimpleP.h
Examining data/motif-2.3.8/demos/lib/Exm/CommandBP.h
Examining data/motif-2.3.8/demos/lib/Exm/GridP.h
Examining data/motif-2.3.8/demos/lib/Exm/TabB.c
Examining data/motif-2.3.8/demos/lib/Exm/StringTrans.h
Examining data/motif-2.3.8/demos/lib/Exm/TabB.h
Examining data/motif-2.3.8/demos/lib/Exm/Panner.c
Examining data/motif-2.3.8/demos/lib/Exm/StringTrans.c
Examining data/motif-2.3.8/demos/lib/Exm/Simple.h
Examining data/motif-2.3.8/demos/lib/Exm/ExmMrm.c
Examining data/motif-2.3.8/demos/lib/Exm/Panner.h
Examining data/motif-2.3.8/demos/lib/Exm/ExmStringP.h
Examining data/motif-2.3.8/demos/lib/Exm/Simple.c
Examining data/motif-2.3.8/demos/lib/Exm/CommandB.h
Examining data/motif-2.3.8/demos/lib/Exm/ExmMrm.h
Examining data/motif-2.3.8/demos/lib/Exm/wml/wmldbcreate.c
Examining data/motif-2.3.8/demos/lib/Exm/Grid.h
Examining data/motif-2.3.8/demos/lib/Exm/CommandB.c
Examining data/motif-2.3.8/demos/lib/Exm/PannerP.h
Examining data/motif-2.3.8/demos/lib/Exm/TabBP.h
Examining data/motif-2.3.8/demos/lib/Exm/ExmString.h
Examining data/motif-2.3.8/demos/lib/Exm/ExmString.c
Examining data/motif-2.3.8/demos/lib/Exm/MenuB.h
Examining data/motif-2.3.8/demos/doc/programGuide/ch08/Notebook/notebook.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch08/Notebook/interface.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch08/Container/interface.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch08/Container/container.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch06/combo_box/interface.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch06/combo_box/combo_box.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch06/spin_box/spin_box.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch06/spin_box/interface.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drop/simple_drop.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drag/simple_drag.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch05/Scale/tic_mark.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch05/Scale/interface.c
Examining data/motif-2.3.8/demos/doc/programGuide/ch16/UTMXmText.c
Examining data/motif-2.3.8/demos/unsupported/xmfonts/xmfonts.c
Examining data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c
Examining data/motif-2.3.8/demos/unsupported/dainput/dainput_dlg.c
Examining data/motif-2.3.8/demos/unsupported/dainput/dainput.h
Examining data/motif-2.3.8/demos/unsupported/dainput/dainput_ui.c
Examining data/motif-2.3.8/demos/unsupported/dainput/dainput.c
Examining data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c
Examining data/motif-2.3.8/demos/unsupported/xmapdef/xmapdef.c
Examining data/motif-2.3.8/demos/unsupported/aicon/aicon.c
Examining data/motif-2.3.8/demos/unsupported/xmform/xmform.c
Examining data/motif-2.3.8/demos/unsupported/hellomotif/hellomotif.c
Examining data/motif-2.3.8/demos/unsupported/dogs/DogP.h
Examining data/motif-2.3.8/demos/unsupported/dogs/Square.h
Examining data/motif-2.3.8/demos/unsupported/dogs/Square.c
Examining data/motif-2.3.8/demos/unsupported/dogs/SquareP.h
Examining data/motif-2.3.8/demos/unsupported/dogs/Dog.h
Examining data/motif-2.3.8/demos/unsupported/dogs/Dog.c
Examining data/motif-2.3.8/demos/unsupported/dogs/dogs.c
Examining data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c
Examining data/motif-2.3.8/demos/unsupported/Exm/ContainerP.h
Examining data/motif-2.3.8/demos/unsupported/Exm/Container.h
Examining data/motif-2.3.8/demos/unsupported/Exm/Container.c
Examining data/motif-2.3.8/demos/programs/todo/io.c
Examining data/motif-2.3.8/demos/programs/todo/page.h
Examining data/motif-2.3.8/demos/programs/todo/todo.c
Examining data/motif-2.3.8/demos/programs/todo/actions.c
Examining data/motif-2.3.8/demos/programs/ButtonBox/bboxdemo.c
Examining data/motif-2.3.8/demos/programs/setdate/setDate.c
Examining data/motif-2.3.8/demos/programs/Paned/creation-c.c
Examining data/motif-2.3.8/demos/programs/Paned/paned.c
Examining data/motif-2.3.8/demos/programs/drag_and_drop/DNDDemo.c
Examining data/motif-2.3.8/demos/programs/drag_and_drop/simpledrop.c
Examining data/motif-2.3.8/demos/programs/drag_and_drop/DNDDemo.h
Examining data/motif-2.3.8/demos/programs/drag_and_drop/DNDDraw.c
Examining data/motif-2.3.8/demos/programs/piano/piano.c
Examining data/motif-2.3.8/demos/programs/Outline/outline.c
Examining data/motif-2.3.8/demos/programs/workspace/command_ui.c
Examining data/motif-2.3.8/demos/programs/workspace/command_ui.h
Examining data/motif-2.3.8/demos/programs/workspace/wsm_create.h
Examining data/motif-2.3.8/demos/programs/workspace/xrmLib.c
Examining data/motif-2.3.8/demos/programs/workspace/xrmLib.h
Examining data/motif-2.3.8/demos/programs/workspace/wsmStruct.c
Examining data/motif-2.3.8/demos/programs/workspace/wsm.c
Examining data/motif-2.3.8/demos/programs/workspace/wsmSend.c
Examining data/motif-2.3.8/demos/programs/workspace/wsmData.c
Examining data/motif-2.3.8/demos/programs/workspace/wsm_cb.c
Examining data/motif-2.3.8/demos/programs/workspace/wsm.h
Examining data/motif-2.3.8/demos/programs/workspace/wsmDebug.c
Examining data/motif-2.3.8/demos/programs/workspace/wsmData.h
Examining data/motif-2.3.8/demos/programs/workspace/wsmSend.h
Examining data/motif-2.3.8/demos/programs/workspace/wsmStruct.h
Examining data/motif-2.3.8/demos/programs/workspace/wsm_create.c
Examining data/motif-2.3.8/demos/programs/workspace/wsm_ui.h
Examining data/motif-2.3.8/demos/programs/workspace/wsmDebug.h
Examining data/motif-2.3.8/demos/programs/workspace/client_win.c
Examining data/motif-2.3.8/demos/programs/workspace/wsm_cb.h
Examining data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c
Examining data/motif-2.3.8/demos/programs/Ext18List/extlist.h
Examining data/motif-2.3.8/demos/programs/Ext18List/ext18list.c
Examining data/motif-2.3.8/demos/programs/Ext18List/creation.c
Examining data/motif-2.3.8/demos/programs/Ext18List/util-c.c
Examining data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c
Examining data/motif-2.3.8/demos/programs/IconB/misc.c
Examining data/motif-2.3.8/demos/programs/Column/column.c
Examining data/motif-2.3.8/demos/programs/Combo2/combo.c
Examining data/motif-2.3.8/demos/programs/draw/draw.c
Examining data/motif-2.3.8/demos/programs/earth/earth.c
Examining data/motif-2.3.8/demos/programs/popups/autopopups.c
Examining data/motif-2.3.8/demos/programs/getsubres/getsubres.c
Examining data/motif-2.3.8/demos/programs/sampler2_0/sampler2_0.c
Examining data/motif-2.3.8/demos/programs/fileview/fileview.h
Examining data/motif-2.3.8/demos/programs/fileview/file.h
Examining data/motif-2.3.8/demos/programs/fileview/main.c
Examining data/motif-2.3.8/demos/programs/fileview/mainE.h
Examining data/motif-2.3.8/demos/programs/fileview/fileE.h
Examining data/motif-2.3.8/demos/programs/fileview/main.h
Examining data/motif-2.3.8/demos/programs/fileview/text.h
Examining data/motif-2.3.8/demos/programs/fileview/file.c
Examining data/motif-2.3.8/demos/programs/fileview/textE.h
Examining data/motif-2.3.8/demos/programs/fileview/text.c
Examining data/motif-2.3.8/demos/programs/ColorSel/colordemo.c
Examining data/motif-2.3.8/demos/programs/ColorSel/util-c.c
Examining data/motif-2.3.8/demos/programs/tooltips/tooltips.c
Examining data/motif-2.3.8/demos/programs/panner/panner.c
Examining data/motif-2.3.8/demos/programs/FontSel/callbacks-c.c
Examining data/motif-2.3.8/demos/programs/FontSel/fontsel.h
Examining data/motif-2.3.8/demos/programs/FontSel/creation-c.c
Examining data/motif-2.3.8/demos/programs/FontSel/fontsel.c
Examining data/motif-2.3.8/demos/programs/periodic/periodic.c
Examining data/motif-2.3.8/demos/programs/hellomotif/hellomotif.c
Examining data/motif-2.3.8/demos/programs/animate/xmanimate.c
Examining data/motif-2.3.8/demos/programs/Tree/tree.c
Examining data/motif-2.3.8/demos/programs/Tree/bxutil-c.c
Examining data/motif-2.3.8/demos/programs/i18ninput/i18ninput.c
Examining data/motif-2.3.8/demos/programs/i18ninput/input.c
Examining data/motif-2.3.8/demos/programs/filemanager/convert.c
Examining data/motif-2.3.8/demos/programs/filemanager/interface.c
Examining data/motif-2.3.8/demos/programs/filemanager/readdir.c
Examining data/motif-2.3.8/demos/programs/filemanager/filemanager.h
Examining data/motif-2.3.8/demos/programs/filemanager/filemanager.c
Examining data/motif-2.3.8/demos/programs/filemanager/actions.c
Examining data/motif-2.3.8/demos/programs/TabStack/callbacks.c
Examining data/motif-2.3.8/demos/programs/TabStack/main.c
Examining data/motif-2.3.8/demos/programs/TabStack/creation.c
Examining data/motif-2.3.8/demos/programs/TabStack/creation.h
Examining data/motif-2.3.8/demos/programs/TabStack/bxutils.c
Examining data/motif-2.3.8/demos/programs/Exm/simple_app/simpleDemo.c
Examining data/motif-2.3.8/demos/programs/Exm/app_in_c/exm_in_c.c
Examining data/motif-2.3.8/demos/programs/hellomotifi18n/helloint.c
Examining data/motif-2.3.8/demos/programs/airport/dragsource.c
Examining data/motif-2.3.8/demos/programs/airport/dropsite.h
Examining data/motif-2.3.8/demos/programs/airport/airport.h
Examining data/motif-2.3.8/demos/programs/airport/main.c
Examining data/motif-2.3.8/demos/programs/airport/dropsite.c
Examining data/motif-2.3.8/demos/programs/airport/main.h
Examining data/motif-2.3.8/demos/programs/airport/dragsource.h
Examining data/motif-2.3.8/debian/tests/XmStrDefsI.h
FINAL RESULTS:
data/motif-2.3.8/config/util/chownxterm.c:73:6: [5] (race) chown:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchown( ) instead.
if (chown(XTERM_PATH, 0, -1) != 0)
data/motif-2.3.8/config/util/chownxterm.c:75:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if (chmod(XTERM_PATH, 04555) != 0)
data/motif-2.3.8/config/util/lndir.c:256:7: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
if (readlink (dp->d_name, symbuf, sizeof(symbuf) - 1) >= 0) {
data/motif-2.3.8/config/util/lndir.c:275:11: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
symlen = readlink (dp->d_name, symbuf, sizeof(symbuf) - 1);
data/motif-2.3.8/config/util/lndir.c:284:19: [5] (race) readlink:
This accepts filename arguments; if an attacker can move those files or
change the link content, a race condition results. Also, it does not
terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
basesymlen = readlink(buf, basesym, sizeof(basesym) - 1);
data/motif-2.3.8/clients/mwm/WmCmd.c:1729:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(itemName[n], NewMenuItem->label);
data/motif-2.3.8/clients/mwm/WmCmd.c:1926:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(itemName[n], NewMenuItem->label);
data/motif-2.3.8/clients/mwm/WmCmd.c:1987:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (itemName[i],NewMenuItem->label);
data/motif-2.3.8/clients/mwm/WmDebug.h:30:18: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define PRINT printf
data/motif-2.3.8/clients/mwm/WmError.c:125:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pchErrorFormat[i], buffer);
data/motif-2.3.8/clients/mwm/WmError.c:178:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, pchErrorFormat[E_MAJOR_CODE], errorEvent->request_code);
data/motif-2.3.8/clients/mwm/WmError.c:183:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, pchErrorFormat[E_MINOR_CODE], errorEvent->minor_code);
data/motif-2.3.8/clients/mwm/WmError.c:185:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, pchErrorFormat[E_RESOURCE_ID], errorEvent->resourceid);
data/motif-2.3.8/clients/mwm/WmError.c:187:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, pchErrorFormat[E_ERROR_SERIAL], errorEvent->serial);
data/motif-2.3.8/clients/mwm/WmError.c:189:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, pchErrorFormat[E_CURRENT_SERIAL],
data/motif-2.3.8/clients/mwm/WmError.c:242:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err, "%s: %s\n", "I/O error on display:", XDisplayString(display));
data/motif-2.3.8/clients/mwm/WmError.c:329:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (pch, "%s: %s\n",
data/motif-2.3.8/clients/mwm/WmError.c:367:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf( stderr, f, s0, s1, s2, s3, s4, s5, s6, s7, s8, s9);
data/motif-2.3.8/clients/mwm/WmEvent.c:2101:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pchFile, pch);
data/motif-2.3.8/clients/mwm/WmFeedback.c:108:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(confirm_mesg[0], tmpString);
data/motif-2.3.8/clients/mwm/WmFeedback.c:120:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(confirm_mesg[1], tmpString);
data/motif-2.3.8/clients/mwm/WmFeedback.c:146:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(confirm_mesg[2], tmpString);
data/motif-2.3.8/clients/mwm/WmFeedback.c:195:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(confirm_mesg[3], tmpString);
data/motif-2.3.8/clients/mwm/WmFunction.c:1111:3: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp (shell, shellname, "-c", args, NULL);
data/motif-2.3.8/clients/mwm/WmFunction.c:1116:3: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl (shell, shellname, "-c", args, NULL);
data/motif-2.3.8/clients/mwm/WmFunction.c:1125:9: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl ("/usr/bin/sh", "sh", "-c", args, NULL);
data/motif-2.3.8/clients/mwm/WmFunction.c:1127:9: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl ("/bin/sh", "sh", "-c", args, NULL);
data/motif-2.3.8/clients/mwm/WmFunction.c:3554:5: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp (*(wmGD.argv), wmGD.argv);
data/motif-2.3.8/clients/mwm/WmImage.c:189:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fullPathName, "%s/%s", wmGD.bitmapDirectory, iconName);
data/motif-2.3.8/clients/mwm/WmImage.c:842:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (bitmapc->path, path);
data/motif-2.3.8/clients/mwm/WmImage.c:948:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fileName, homeDir);
data/motif-2.3.8/clients/mwm/WmImage.c:970:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fileName, homeDir);
data/motif-2.3.8/clients/mwm/WmImage.c:975:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fileName, wmGD.bitmapDirectory);
data/motif-2.3.8/clients/mwm/WmInitWs.c:723:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(pch,
data/motif-2.3.8/clients/mwm/WmInitWs.c:1447:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)wmGD.screenNames[sNum], buffer);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1619:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(displayName, pDisplayName);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1630:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "DISPLAY=:%s.%d",
data/motif-2.3.8/clients/mwm/WmInitWs.c:1633:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "DISPLAY=%s:%s.%d",
data/motif-2.3.8/clients/mwm/WmInitWs.c:1649:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pSD->displayString, buffer);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1705:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pWS->name, DEFAULT_WS_NAME);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1840:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tmpptr, homeDir);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1845:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (tmpptr, *ppchBackdropDirs);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1858:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (tmpptr, homeDir);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1861:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (tmpptr, *ppchBackdropDirs);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1865:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (tmpptr, pchD);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2313:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf((char *)wmGD.screenNames[num], UNSPECIFIED_SCREEN_NAME);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2349:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wmNLS.default_icon_box_title, tmpString);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2362:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pWarningStringFile, tmpString);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2374:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pWarningStringLine, tmpString);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2387:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wmNLS.defaultVersionTitle, tmpString);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2399:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wmNLS.defaultDtwmHelpTitle, tmpString);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2411:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wmNLS.defaultHelpTitle, tmpString);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2448:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(displayName, pDisplayName);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2449:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "DISPLAY=%s",displayName);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2463:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wmGD.displayString, buffer);
data/motif-2.3.8/clients/mwm/WmMain.c:278:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, (strrchr(argv[0], '/')));
data/motif-2.3.8/clients/mwm/WmMain.c:283:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tempString, argv[0]);
data/motif-2.3.8/clients/mwm/WmMenu.c:1986:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_command_str, "<%s>", tree->name);
data/motif-2.3.8/clients/mwm/WmMenu.c:1988:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_command_str, "%s.<%s>", command_string,
data/motif-2.3.8/clients/mwm/WmMenu.c:1993:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_funcargs, "<%s>", tree->name);
data/motif-2.3.8/clients/mwm/WmMenu.c:2108:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_command_str, "%s.<%s>", command_so_far, tree->name);
data/motif-2.3.8/clients/mwm/WmMenu.c:2110:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_command_str, "<%s>", tree->name);
data/motif-2.3.8/clients/mwm/WmMenu.c:2154:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(funcarg_buf, "<%s>", tree->name);
data/motif-2.3.8/clients/mwm/WmMenu.c:4293:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (pch, format, message);
data/motif-2.3.8/clients/mwm/WmProperty.c:1549:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pch, _XA_DT_WORKSPACE_INFO);
data/motif-2.3.8/clients/mwm/WmProperty.c:1551:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (pch, pchName);
data/motif-2.3.8/clients/mwm/WmResParse.c:972:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char*)topic, (char*)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:978:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char*)volume, (char *)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:1464:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pSD->pDtSessionItems[count].workspaces, (char *)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:1539:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pSD->pDtSessionItems[count].commandArgv[xindex],
data/motif-2.3.8/clients/mwm/WmResParse.c:1584:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pSD->pDtSessionItems[count].clientMachine, (char *)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:1773:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileName, ptr);
data/motif-2.3.8/clients/mwm/WmResParse.c:2135:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(LANG, LANGp);
data/motif-2.3.8/clients/mwm/WmResParse.c:2164:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cfileName, homeDir);
data/motif-2.3.8/clients/mwm/WmResParse.c:2190:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cfileName, homeDir);
data/motif-2.3.8/clients/mwm/WmResParse.c:2237:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cfileName, wmGD.configFile);
data/motif-2.3.8/clients/mwm/WmResParse.c:2258:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cfileName, homeDir);
data/motif-2.3.8/clients/mwm/WmResParse.c:2323:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cfileName, homeDir);
data/motif-2.3.8/clients/mwm/WmResParse.c:2366:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfileName, DTADMINDIR);
data/motif-2.3.8/clients/mwm/WmResParse.c:2374:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfileName, DTADMINDIR);
data/motif-2.3.8/clients/mwm/WmResParse.c:2398:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfileName, MWMRCDIR);
data/motif-2.3.8/clients/mwm/WmResParse.c:2405:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfileName, DTLIBDIR);
data/motif-2.3.8/clients/mwm/WmResParse.c:2414:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfileName, MWMRCDIR);
data/motif-2.3.8/clients/mwm/WmResParse.c:2436:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfileName, MWMRCDIR);
data/motif-2.3.8/clients/mwm/WmResParse.c:2446:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfileName, DTLIBDIR);
data/motif-2.3.8/clients/mwm/WmResParse.c:2460:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfileName, MWMRCDIR);
data/motif-2.3.8/clients/mwm/WmResParse.c:2469:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfileName, cfileName);
data/motif-2.3.8/clients/mwm/WmResParse.c:2679:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (menuSpec->name, (char *)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:3235:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(stream, (char *) string);
data/motif-2.3.8/clients/mwm/WmResParse.c:3237:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(stream, (char *) *linePP);
data/motif-2.3.8/clients/mwm/WmResParse.c:3514:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (menuItem->label, (char *)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:3995:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *) (lineP+1), (char *) (lineP+2));
data/motif-2.3.8/clients/mwm/WmResParse.c:4007:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*pArgs, (char *)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:4118:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*pArgs, (char *)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:6234:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "->%s", menuItem->label);
data/motif-2.3.8/clients/mwm/WmResParse.c:6242:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "=%s", menuItem->label);
data/motif-2.3.8/clients/mwm/WmResParse.c:6253:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "=>%s", menuItem->label);
data/motif-2.3.8/clients/mwm/WmResParse.c:6263:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "~%s", menuItem->label);
data/motif-2.3.8/clients/mwm/WmResParse.c:6809:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (pch, pWarningStringFile,
data/motif-2.3.8/clients/mwm/WmResParse.c:6815:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (pch, pWarningStringLine,
data/motif-2.3.8/clients/mwm/WmResParse.c:6824:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, ((char *)GETMESSAGE(60, 33, "%s: %s on line %d of configuration file %s\n")),
data/motif-2.3.8/clients/mwm/WmResParse.c:6830:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, ((char *)GETMESSAGE(60, 34, "%s: %s on line %d of specification string\n")),
data/motif-2.3.8/clients/mwm/WmResParse.c:7268:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)wmGD.screenNames[sNum], (char *)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:7291:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)wmGD.screenNames[sNum],
data/motif-2.3.8/clients/mwm/WmResParse.c:7329:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fileName, homeDir);
data/motif-2.3.8/clients/mwm/WmResParse.c:7506:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (pAP->szExecParms, sClientName);
data/motif-2.3.8/clients/mwm/WmResParse.c:7515:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (pAP->szExecParms, sTitle);
data/motif-2.3.8/clients/mwm/WmResParse.c:7568:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system (pchCmd);
data/motif-2.3.8/clients/mwm/WmResParse.c:7607:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (pchCmd, pConfigStackTop->tempName);
data/motif-2.3.8/clients/mwm/WmResParse.c:7615:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (pchCmd, pConfigStackTop->cppName);
data/motif-2.3.8/clients/mwm/WmResParse.c:7754:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf ((char *)wmGD.tmpBuffer,
data/motif-2.3.8/clients/mwm/WmResParse.c:7826:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf ((char *)wmGD.tmpBuffer,
data/motif-2.3.8/clients/mwm/WmResParse.c:7880:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (pchCmd, pConfigStackTop->cppName);
data/motif-2.3.8/clients/mwm/WmResParse.c:7912:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(msg, ((char *)GETMESSAGE(60, 39,
data/motif-2.3.8/clients/mwm/WmResParse.c:8010:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pch, (char *)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:8093:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pchCmd, wmGD.cppCommand);
data/motif-2.3.8/clients/mwm/WmResParse.c:8095:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (pchCmd, pConfigStackTop->fileName);
data/motif-2.3.8/clients/mwm/WmResParse.c:8097:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (pchCmd, pConfigStackTop->cppName);
data/motif-2.3.8/clients/mwm/WmResParse.c:8219:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pch, sName);
data/motif-2.3.8/clients/mwm/WmResParse.c:8222:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (pch, homeDir);
data/motif-2.3.8/clients/mwm/WmResParse.c:8223:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (pch, file_part+1);
data/motif-2.3.8/clients/mwm/WmResParse.c:8281:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (sReturn, homeDir);
data/motif-2.3.8/clients/mwm/WmResParse.c:8282:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (sReturn, pchFile+1);
data/motif-2.3.8/clients/mwm/WmResource.c:217:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ResString, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:235:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(MovString, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:253:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SizString, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:271:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(MinString, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:289:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(MaxString, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:307:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(LowString, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:325:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(OcpString, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:340:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(OcaString, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:355:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(RemString, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:371:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(CloString, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:396:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dsm, defaultSystemMenuName);
data/motif-2.3.8/clients/mwm/WmResource.c:398:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dsm, ResString);
data/motif-2.3.8/clients/mwm/WmResource.c:400:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dsm, MovString);
data/motif-2.3.8/clients/mwm/WmResource.c:402:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dsm, SizString);
data/motif-2.3.8/clients/mwm/WmResource.c:404:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dsm, MinString);
data/motif-2.3.8/clients/mwm/WmResource.c:406:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dsm, MaxString);
data/motif-2.3.8/clients/mwm/WmResource.c:408:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dsm, LowString);
data/motif-2.3.8/clients/mwm/WmResource.c:414:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dsm, OcpString);
data/motif-2.3.8/clients/mwm/WmResource.c:416:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dsm, OcaString);
data/motif-2.3.8/clients/mwm/WmResource.c:418:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dsm, RemString);
data/motif-2.3.8/clients/mwm/WmResource.c:423:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dsm, CloString);
data/motif-2.3.8/clients/mwm/WmResource.c:448:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(builtinSystemMenu, dsm);
data/motif-2.3.8/clients/mwm/WmResource.c:3326:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)wmGD.screenNames[sNum], (char *)string);
data/motif-2.3.8/clients/mwm/WmResource.c:3350:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)wmGD.screenNames[sNum], (char *)string);
data/motif-2.3.8/clients/mwm/WmResource.c:4429:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf((char *)wmGD.tmpBuffer, ((char *)GETMESSAGE(62, 23, "failed to load font: %.100s")), (char*) pAData->fontList);
data/motif-2.3.8/clients/mwm/WmResource.c:5175:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pwsI->name, (char *)string);
data/motif-2.3.8/clients/mwm/WmResource.c:5358:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(default_ws_pres_title, tmpString);
data/motif-2.3.8/clients/mwm/WmResource.c:5380:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)pch2, (char *)pch1);
data/motif-2.3.8/clients/mwm/WmResource.c:6307:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buffer, builtinKeyBindings, pSD->rootMenu);
data/motif-2.3.8/clients/mwm/WmResource.c:6359:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buffer, builtinButtonBindings, pSD->rootMenu);
data/motif-2.3.8/clients/mwm/WmWinInfo.c:2233:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(msg, GETMESSAGE (70,5,
data/motif-2.3.8/clients/mwm/WmWinInfo.c:2241:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(msg, GETMESSAGE (70, 6,
data/motif-2.3.8/clients/mwm/WmWinInfo.c:2251:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(msg, LOCALE_MSG, setlocale(LC_ALL, NULL));
data/motif-2.3.8/clients/mwm/WmWinInfo.c:2256:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(msg, GETMESSAGE(70, 8,
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:66:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "Request: %s\n", _WSMReqTypeToName(request->any.type));
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:82:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ptr, "Number of Extension Suggestions: %d\n%s",
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:87:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr, request->extensions.extension_suggestions[i]);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:97:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ptr, "Window: 0x%lX\nDiffs Allowed: %s\n",
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:137:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "Reply: %s\n", _WSMReqTypeToName(reply->any.type));
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:145:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ptr, "Number of Extensions: %d\n%s",
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:150:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr, reply->extensions.extensions[i]);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:242:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "%sName: %s, Type: Value, Value: %ld\n", tab_str,
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:264:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "%sName: %s, Type: %s, Len: %d\n%s%s", tab_str,
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:307:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf("Accepts Diffs: %s\n",
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:336:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, " Name: %s, Size: %d, Is_List: %s\n",
data/motif-2.3.8/clients/mwm/WmWsmLib/disp.c:176:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, WM_SELECTION_FORMAT, screen_number);
data/motif-2.3.8/clients/mwm/WmWsmLib/disp.c:179:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, WSM_SELECTION_FORMAT, screen_number);
data/motif-2.3.8/clients/mwm/WmXSMP.c:277:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fileNameBuf, "%s/%s", savePath, dtwmFileName);
data/motif-2.3.8/clients/mwm/WmXSMP.c:287:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileNameBuf, savePath);
data/motif-2.3.8/clients/mwm/WmXSMP.c:294:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileNameBuf, dtwmFileName);
data/motif-2.3.8/clients/mwm/WmXSMP.c:298:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fileNameBuf, (wmGD.dbFileName == (char *)NULL) ?
data/motif-2.3.8/clients/mwm/WmXSMP.c:333:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wmGD.dbFileName, *argP);
data/motif-2.3.8/clients/mwm/WmXSMP.c:350:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(wmGD.dbFileName, wmGD.sessionClientDB);
data/motif-2.3.8/clients/mwm/WmXSMP.c:362:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(wmGD.dbFileName, "%s/%s", homeDir, dtwmFileName);
data/motif-2.3.8/clients/mwm/WmXSMP.c:513:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cwsP, wsNameP);
data/motif-2.3.8/clients/mwm/WmXSMP.c:526:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(cwsP, wsNameP);
data/motif-2.3.8/clients/mwm/WmXSMP.c:594:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(resourceBuf, fmtStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:943:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, dbClientFormat, XSMPClientStr, clientID, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:949:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, xPositionStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:950:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, clientX);
data/motif-2.3.8/clients/mwm/WmXSMP.c:955:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, yPositionStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:956:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, clientY);
data/motif-2.3.8/clients/mwm/WmXSMP.c:973:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, iconXPosStr, clientID, pWS->name);
data/motif-2.3.8/clients/mwm/WmXSMP.c:974:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, pCD->pWsList[i].iconX);
data/motif-2.3.8/clients/mwm/WmXSMP.c:979:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, iconYPosStr, clientID, pWS->name);
data/motif-2.3.8/clients/mwm/WmXSMP.c:980:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, pCD->pWsList[i].iconY);
data/motif-2.3.8/clients/mwm/WmXSMP.c:987:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, iconXPosStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:988:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, ICON_X(pCD));
data/motif-2.3.8/clients/mwm/WmXSMP.c:993:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, iconYPosStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:994:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, ICON_Y(pCD));
data/motif-2.3.8/clients/mwm/WmXSMP.c:1001:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, widthSizeStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1002:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, clientWd);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1007:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, heightSizeStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1008:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, clientHt);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1021:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, initialStateStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1022:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, strArg, (clientState == NORMAL_STATE) ?
data/motif-2.3.8/clients/mwm/WmXSMP.c:1033:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, workspacesStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1034:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, strArg, clientWorkspaces);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1062:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, dbClientFormat, proxyClientStr, clientID, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1064:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, screenStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1065:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, proxyClientInfo.screen);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1067:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, wmCommandStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1068:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, strArg, proxyClientInfo.wmCommand);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1073:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, wmClientMachineStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1074:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, strArg, proxyClientInfo.wmClientMachine);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1080:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, xPositionStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1081:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, clientX);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1083:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, yPositionStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1084:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, clientY);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1098:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, iconXPosStr, clientID, pWS->name);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1099:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, pCD->pWsList[i].iconX);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1101:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, iconYPosStr, clientID, pWS->name);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1102:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, pCD->pWsList[i].iconY);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1106:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, iconXPosStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1107:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, ICON_X(pCD));
data/motif-2.3.8/clients/mwm/WmXSMP.c:1109:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, iconYPosStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1110:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, ICON_Y(pCD));
data/motif-2.3.8/clients/mwm/WmXSMP.c:1114:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, widthSizeStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1115:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, clientWd);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1117:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, heightSizeStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1118:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, intArg, clientHt);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1126:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, initialStateStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1127:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, strArg, (clientState == NORMAL_STATE) ?
data/motif-2.3.8/clients/mwm/WmXSMP.c:1134:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, workspacesStr, clientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1135:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, strArg, clientWorkspaces);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1150:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(resourceBuf, wmCommandStr, proxyClientID);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1234:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(fp, dbHeader, dtwmFileName, "dtwm Version XSMP1.0",
data/motif-2.3.8/clients/mwm/WmXSMP.c:1349:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(resourceBuf, iconXPosStr, "%s", pWS->name);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1358:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(resourceBuf, iconYPosStr, "%s", pWS->name);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1383:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(resourceBuf, iconXPosStr, "%s", pWS->name);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1392:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(resourceBuf, iconYPosStr, "%s", pWS->name);
data/motif-2.3.8/clients/uil/UilDB.c:913:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (outptr, ptr);
data/motif-2.3.8/clients/uil/UilDB.c:978:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (wmd_path, ABSOLUTE_PATH);
data/motif-2.3.8/clients/uil/UilDB.c:992:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( wmd_path, WMDPATH_DEFAULT,
data/motif-2.3.8/clients/uil/UilDB.c:1000:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(wmd_path, XAPPLRES_DEFAULT,
data/motif-2.3.8/clients/uil/UilDB.c:1009:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (wmd_path, path);
data/motif-2.3.8/clients/uil/UilDefI.h:249:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define _debug_output printf
data/motif-2.3.8/clients/uil/UilDefI.h:393:91: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
extern MrmCode ref_control _ARGUMENTS(( sym_control_entry_type *control_entry , MrmCode *access , char **index , MrmResource_id *id ));
data/motif-2.3.8/clients/uil/UilDiags.c:277:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf( msg_buffer, sizeof(msg_buffer),
data/motif-2.3.8/clients/uil/UilDiags.c:282:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf( msg_buffer, sizeof(msg_buffer),
data/motif-2.3.8/clients/uil/UilDiags.c:301:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( loc_buffer,
data/motif-2.3.8/clients/uil/UilDiags.c:307:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( loc_buffer,
data/motif-2.3.8/clients/uil/UilDiags.c:355:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(loc_buffer,
data/motif-2.3.8/clients/uil/UilDiags.c:363:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(loc_buffer,
data/motif-2.3.8/clients/uil/UilDiags.c:371:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( loc_buffer, catgets(uil_catd, UIL_SET_MISC,
data/motif-2.3.8/clients/uil/UilDiags.c:377:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( loc_buffer,
data/motif-2.3.8/clients/uil/UilLexAna.c:1588:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (comment_text, (char *)az_current_lex_buffer->c_text);
data/motif-2.3.8/clients/uil/UilLstLst.c:148:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lst_c_title1,
data/motif-2.3.8/clients/uil/UilLstLst.c:254:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(az_fcb->expanded_name, Uil_cmd_z_command.ac_listing_file);
data/motif-2.3.8/clients/uil/UilLstLst.c:513:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer,
data/motif-2.3.8/clients/uil/UilLstLst.c:582:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s (%d) %s",
data/motif-2.3.8/clients/uil/UilLstLst.c:1000:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf( &(buffer[cur_pos]), format, ap );
data/motif-2.3.8/clients/uil/UilLstLst.c:1021:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf( format, ap );
data/motif-2.3.8/clients/uil/UilLstMac.c:206:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "Resource index: %s",
data/motif-2.3.8/clients/uil/UilLstMac.c:233:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "access: %s",
data/motif-2.3.8/clients/uil/UilLstMac.c:234:29: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access_from_code (w_rec->access) );
data/motif-2.3.8/clients/uil/UilLstMac.c:238:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
_WROffset (access),
data/motif-2.3.8/clients/uil/UilLstMac.c:239:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
sizeof (w_rec->access), (char*)& w_rec->access,
data/motif-2.3.8/clients/uil/UilLstMac.c:239:43: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
sizeof (w_rec->access), (char*)& w_rec->access,
data/motif-2.3.8/clients/uil/UilLstMac.c:258:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (buffer, class_name_from_code (w_rec->type));
data/motif-2.3.8/clients/uil/UilLstMac.c:472:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer,
data/motif-2.3.8/clients/uil/UilLstMac.c:481:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer,
data/motif-2.3.8/clients/uil/UilLstMac.c:509:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "(%d) type: %s",
data/motif-2.3.8/clients/uil/UilLstMac.c:619:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "(%d) routine tag type: %s",
data/motif-2.3.8/clients/uil/UilLstMac.c:667:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "access: %s",
data/motif-2.3.8/clients/uil/UilLstMac.c:668:35: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access_from_code (r_desc_ptr->access) );
data/motif-2.3.8/clients/uil/UilLstMac.c:672:42: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
_Offset (RGMResourceDesc, off_offset, access),
data/motif-2.3.8/clients/uil/UilLstMac.c:673:24: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
sizeof (r_desc_ptr->access),
data/motif-2.3.8/clients/uil/UilLstMac.c:674:25: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
(char*)& r_desc_ptr->access,
data/motif-2.3.8/clients/uil/UilLstMac.c:707:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "resource group: %s",
data/motif-2.3.8/clients/uil/UilLstMac.c:717:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "resource type: %s",
data/motif-2.3.8/clients/uil/UilLstMac.c:801:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "(%d) access: %s", j,
data/motif-2.3.8/clients/uil/UilLstMac.c:802:30: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access_from_code (c_ptr->access) );
data/motif-2.3.8/clients/uil/UilLstMac.c:806:39: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
_Offset (RGMChildDesc, off_offset, access),
data/motif-2.3.8/clients/uil/UilLstMac.c:807:19: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
sizeof (c_ptr->access),
data/motif-2.3.8/clients/uil/UilLstMac.c:808:20: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
(char*)& c_ptr->access,
data/motif-2.3.8/clients/uil/UilLstMac.c:922:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "Resource index: %s",
data/motif-2.3.8/clients/uil/UilLstMac.c:931:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "size: %d, group: %s",
data/motif-2.3.8/clients/uil/UilLstMac.c:936:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "type: %s, access: %s, locked: ",
data/motif-2.3.8/clients/uil/UilLstMac.c:1091:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "(%d) type: %s, offset: %X (hex)",
data/motif-2.3.8/clients/uil/UilLstMac.c:1217:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (buffer, "(%d) %s", i, t_rec->index);
data/motif-2.3.8/clients/uil/UilP2Out.c:1324:17: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access;
data/motif-2.3.8/clients/uil/UilP2Out.c:1633:37: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
UrmRCSetAccess( out_az_context, access );
data/motif-2.3.8/clients/uil/UilP2Out.c:1699:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (textptr, charset_name);
data/motif-2.3.8/clients/uil/UilP2Out.c:1703:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (textptr, value_entry->value.c_value);
data/motif-2.3.8/clients/uil/UilP2Out.c:1919:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (textptr, charset_name);
data/motif-2.3.8/clients/uil/UilP2Out.c:1924:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (textptr, font_value->value.c_value);
data/motif-2.3.8/clients/uil/UilP2Out.c:2566:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access;
data/motif-2.3.8/clients/uil/UilP2Out.c:2579:41: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
form = ref_control( control_entry, &access, &index, &id );
data/motif-2.3.8/clients/uil/UilP2Out.c:2611:4: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access,
data/motif-2.3.8/clients/uil/UilP2Out.c:2820:36: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode ref_control(control_entry, access, index, id)
data/motif-2.3.8/clients/uil/UilP2Out.c:2823:12: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode *access;
data/motif-2.3.8/clients/uil/UilP2Out.c:2945:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "while %s encountered %s",
data/motif-2.3.8/clients/uil/UilSarMod.c:260:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (sym_az_root_entry->file_name, Uil_cmd_z_command.ac_source_file);
data/motif-2.3.8/clients/uil/UilSarMod.c:261:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (sym_az_root_entry->full_file_name, src_az_source_file_table[0]->expanded_name);
data/motif-2.3.8/clients/uil/UilSarMod.c:363:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Uil_lst_c_title2,
data/motif-2.3.8/clients/uil/UilSarMod.c:463:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Uil_lst_c_title2,
data/motif-2.3.8/clients/uil/UilSarObj.c:156:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(object->obj_header.az_comment, comment_text);
data/motif-2.3.8/clients/uil/UilSemCSet.c:278:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (uname, lang_charset);
data/motif-2.3.8/clients/uil/UilSrcSrc.c:406:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (full_file_name, az_fcb->expanded_name);
data/motif-2.3.8/clients/uil/UilSrcSrc.c:662:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buffer, c_file_name);
data/motif-2.3.8/clients/uil/UilSrcSrc.c:728:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(az_fcb->expanded_name, buffer);
data/motif-2.3.8/clients/uil/UilSrcSrc.c:1075:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( c_buffer,
data/motif-2.3.8/config/util/checktree.c:157:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, dp->d_name);
data/motif-2.3.8/config/util/checktree.c:161:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, dp->d_name);
data/motif-2.3.8/config/util/checktree.c:242:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, dp->d_name);
data/motif-2.3.8/config/util/checktree.c:268:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p, dp->d_name);
data/motif-2.3.8/config/util/checktree.c:271:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, dp->d_name);
data/motif-2.3.8/config/util/checktree.c:277:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, dp->d_name);
data/motif-2.3.8/config/util/checktree.c:344:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, *argv++);
data/motif-2.3.8/config/util/lndir.c:102:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (stderr, fmt, args);
data/motif-2.3.8/config/util/lndir.c:105:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, fmt, a1, a2, a3);
data/motif-2.3.8/config/util/lndir.c:137:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (stderr, fmt, args);
data/motif-2.3.8/config/util/lndir.c:140:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, fmt, a1, a2, a3);
data/motif-2.3.8/config/util/lndir.c:167:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s+1, s+2);
data/motif-2.3.8/config/util/lndir.c:202:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (buf, fn);
data/motif-2.3.8/config/util/lndir.c:215:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p, dp->d_name);
data/motif-2.3.8/config/util/makestrs.c:261:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf (fileprotstr, "_%s_", phile->name);
data/motif-2.3.8/config/util/makestrs.c:265:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void) sprintf (fileprotstr, "_%s%s_", prefixstr, phile->name);
data/motif-2.3.8/config/util/makestrs.c:302:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) printf (const_string, externdefstr,
data/motif-2.3.8/config/util/makestrs.c:320:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) printf (const_string, externdefstr,
data/motif-2.3.8/config/util/makestrs.c:329:13: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) printf (const_string, externdefstr,
data/motif-2.3.8/config/util/makestrs.c:394:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) printf (const_string, externdefstr, conststr ? conststr : "",
data/motif-2.3.8/config/util/makestrs.c:497:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy (phile->name, buf + strlen (file_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:516:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy (table->name, buf + strlen (table_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:531:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy (prefixstr, buf + strlen (prefix_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:536:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy (featurestr, buf + strlen (feature_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:541:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy (externrefstr, buf + strlen (externref_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:546:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy (externdefstr, buf + strlen (externdef_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:551:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy (ctmplstr, buf + strlen (ctmpl_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:563:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy (conststr, buf + strlen (const_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:578:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (lbuf, prefixstr);
data/motif-2.3.8/config/util/makestrs.c:579:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (lbuf, right);
data/motif-2.3.8/config/util/makestrs.c:589:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tableent->left, buf);
data/motif-2.3.8/config/util/makestrs.c:592:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tableent->right, right);
data/motif-2.3.8/demos/lib/Exm/wml/wmldbcreate.c:118:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outfilename, argv[1]);
data/motif-2.3.8/demos/lib/Wsm/debug.c:66:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "Request: %s\n", _WSMReqTypeToName(request->any.type));
data/motif-2.3.8/demos/lib/Wsm/debug.c:82:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ptr, "Number of Extension Suggestions: %d\n%s",
data/motif-2.3.8/demos/lib/Wsm/debug.c:87:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr, request->extensions.extension_suggestions[i]);
data/motif-2.3.8/demos/lib/Wsm/debug.c:97:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ptr, "Window: 0x%X\nDiffs Allowed: %s\n",
data/motif-2.3.8/demos/lib/Wsm/debug.c:138:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "Reply: %s\n", _WSMReqTypeToName(reply->any.type));
data/motif-2.3.8/demos/lib/Wsm/debug.c:146:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ptr, "Number of Extensions: %d\n%s",
data/motif-2.3.8/demos/lib/Wsm/debug.c:151:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ptr, reply->extensions.extensions[i]);
data/motif-2.3.8/demos/lib/Wsm/debug.c:244:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "%sName: %s, Type: Value, Value: %ld\n", tab_str,
data/motif-2.3.8/demos/lib/Wsm/debug.c:266:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, "%sName: %s, Type: %s, Len: %d\n%s%s", tab_str,
data/motif-2.3.8/demos/lib/Wsm/debug.c:310:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf("Accepts Diffs: %s\n",
data/motif-2.3.8/demos/lib/Wsm/debug.c:339:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str, " Name: %s, Size: %d, Is_List: %s\n",
data/motif-2.3.8/demos/lib/Wsm/disp.c:161:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, WM_SELECTION_FORMAT, screen_number);
data/motif-2.3.8/demos/lib/Wsm/disp.c:164:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(temp, WSM_SELECTION_FORMAT, screen_number);
data/motif-2.3.8/demos/lib/Xmd/Help.c:774:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(line, "Couldn't find file %s in the path given.\n", filename);
data/motif-2.3.8/demos/lib/Xmd/Menus.c:249:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s_pulldown", name);
data/motif-2.3.8/demos/lib/Xmd/Print.c:870:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "lp -d%s -n%d %s",
data/motif-2.3.8/demos/lib/Xmd/Print.c:875:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "lpr -P%s -#%d %s",
data/motif-2.3.8/demos/lib/Xmd/Print.c:881:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(command, "cp %s %s", pathname, cb -> printer);
data/motif-2.3.8/demos/lib/Xmd/Print.c:884:3: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(command);
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:829:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "The `%s' resource is not used by this widget.",
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:832:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, msg, params[0]);
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:836:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:840:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "Could not convert the `%s' resource.",
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:844:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "Name: %s, Type: %s, Class: %s, Msg: %s",
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:867:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tagBuf, XmSTRING_DEFAULT_CHARSET);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1193:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmpBuf, str);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1727:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(widget, "*%s", start);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2414:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(colorTable[a][curkey], curbuf);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2425:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(curbuf, buf); /* append buf */
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2434:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(colorTable[a][curkey], curbuf);
data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c:349:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s already in line up.", players[playernum].name);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:867:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tagBuf, XmSTRING_DEFAULT_CHARSET);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1193:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmpBuf, str);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1727:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(widget, "*%s", start);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2414:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(colorTable[a][curkey], curbuf);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2425:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(curbuf, buf); /* append buf */
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2434:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(colorTable[a][curkey], curbuf);
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:170:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(message_string, OUTPUT_CODE, class_name,
data/motif-2.3.8/demos/programs/IconB/misc.c:837:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tagBuf, XmSTRING_DEFAULT_CHARSET);
data/motif-2.3.8/demos/programs/IconB/misc.c:1163:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmpBuf, str);
data/motif-2.3.8/demos/programs/IconB/misc.c:1699:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(widget, "*%s", start);
data/motif-2.3.8/demos/programs/IconB/misc.c:2386:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(colorTable[a][curkey], curbuf);
data/motif-2.3.8/demos/programs/IconB/misc.c:2397:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(curbuf, buf); /* append buf */
data/motif-2.3.8/demos/programs/IconB/misc.c:2406:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(colorTable[a][curkey], curbuf);
data/motif-2.3.8/demos/programs/Outline/outline.c:498:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s has switched to the XmOpen state.", name);
data/motif-2.3.8/demos/programs/Outline/outline.c:500:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s has switched to the XmClosed state.", name);
data/motif-2.3.8/demos/programs/Outline/outline.c:502:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s has switched to the XmAlwaysOpen state.", name);
data/motif-2.3.8/demos/programs/Outline/outline.c:504:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s has switched to the XmHidden state.", name);
data/motif-2.3.8/demos/programs/Outline/outline.c:506:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s has switched node state.", name);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:880:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tagBuf, XmSTRING_DEFAULT_CHARSET);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:1206:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmpBuf, str);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:1749:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(widget, "*%s", start);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2416:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(colorTable[a][curkey], curbuf);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2427:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(curbuf, buf); /* append buf */
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2436:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(colorTable[a][curkey], curbuf);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3688:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "*%s%s", _name, resourceSpec[i++]);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3791:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lineage, "*%s", inst_name);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3800:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, lineage);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3801:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(lineage, "*%s%s", XtName(parent), buf);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3828:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.%s*%s.%s: %s",
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3834:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.%s.%s: %s",
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3840:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s*%s.%s: %s",
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3845:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s.%s: %s", lineage, defs->wRsc, defs->value);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:867:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tagBuf, XmSTRING_DEFAULT_CHARSET);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1193:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmpBuf, str);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1727:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(widget, "*%s", start);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2414:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(colorTable[a][curkey], curbuf);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2425:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(curbuf, buf); /* append buf */
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2434:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(colorTable[a][curkey], curbuf);
data/motif-2.3.8/demos/programs/Tree/tree.c:618:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s has switched to the XmOpen state.", name);
data/motif-2.3.8/demos/programs/Tree/tree.c:620:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s has switched to the XmClosed state.", name);
data/motif-2.3.8/demos/programs/Tree/tree.c:622:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s has switched to the XmAlwaysOpen state.", name);
data/motif-2.3.8/demos/programs/Tree/tree.c:624:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s has switched to the XmHidden state.", name);
data/motif-2.3.8/demos/programs/Tree/tree.c:626:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s has switched node state.", name);
data/motif-2.3.8/demos/programs/airport/main.c:362:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(name, entry), "Menu"),
data/motif-2.3.8/demos/programs/animate/xmanimate.c:170:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(uidanimfile,anim_name);
data/motif-2.3.8/demos/programs/animate/xmanimate.c:252:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(uiliconname, "%sicon%d",anim_name, i+1);
data/motif-2.3.8/demos/programs/drag_and_drop/simpledrop.c:114:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strncat(strcpy(tmp, s1), s2, 256);
data/motif-2.3.8/demos/programs/drag_and_drop/simpledrop.c:154:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(name, entry), "Menu"),
data/motif-2.3.8/demos/programs/drag_and_drop/simpledrop.c:431:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Type %s format %d",
data/motif-2.3.8/demos/programs/filemanager/actions.c:102:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "/%s", filename);
data/motif-2.3.8/demos/programs/filemanager/actions.c:104:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s%s", currentdir, filename);
data/motif-2.3.8/demos/programs/filemanager/actions.c:106:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s/%s", currentdir, filename);
data/motif-2.3.8/demos/programs/filemanager/actions.c:133:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s/unnamed%d", currentdir, i);
data/motif-2.3.8/demos/programs/filemanager/actions.c:166:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, deleteCommand, getPathFromIcon(selected[i]));
data/motif-2.3.8/demos/programs/filemanager/actions.c:167:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(buf);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:115:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, currentdir);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:132:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dir, partial);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:185:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, names[level]);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:405:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, dir);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:407:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, info -> d_name);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:459:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msk, str);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:681:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, str, pathname);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:683:7: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(buf);
data/motif-2.3.8/demos/programs/fileview/main.c:129:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "Your Operating System is %s", os_name);
data/motif-2.3.8/demos/programs/fileview/main.c:238:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "Locale `%s' not supported by C and/or X library",
data/motif-2.3.8/demos/programs/fileview/main.c:290:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, LangList[SelectedLocale]);
data/motif-2.3.8/demos/programs/fileview/main.c:295:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(filename, LangList[SelectedLocale]);
data/motif-2.3.8/demos/programs/fileview/main.c:459:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcat(strcpy(menu_name, entry), "Menu"),
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:249:12: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) vsprintf(tmp, fmt, args);
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:295:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buff_line + 37, resource_list[i].resource_name) ;
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:320:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buff_line + 37, resource_list[i].resource_name) ;
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:352:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (buff_line + 37,
data/motif-2.3.8/demos/programs/i18ninput/i18ninput.c:70:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy(basename, p+1);
data/motif-2.3.8/demos/programs/i18ninput/i18ninput.c:72:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy(basename, str);
data/motif-2.3.8/demos/programs/i18ninput/input.c:750:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,
data/motif-2.3.8/demos/programs/i18ninput/input.c:757:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,
data/motif-2.3.8/demos/programs/i18ninput/input.c:764:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,
data/motif-2.3.8/demos/programs/panner/panner.c:357:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(selectionName, WM_SELECTION_FORMAT,
data/motif-2.3.8/demos/programs/periodic/periodic.c:285:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf + 1, name);
data/motif-2.3.8/demos/programs/piano/piano.c:1523:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(EMSG1);
data/motif-2.3.8/demos/programs/sampler2_0/sampler2_0.c:202:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tab_name, "TabTo%s", nb_data.pages[i].page_name);
data/motif-2.3.8/demos/programs/setdate/setDate.c:279:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buffer, dateCommand, date);
data/motif-2.3.8/demos/programs/setdate/setDate.c:280:3: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(buffer);
data/motif-2.3.8/demos/programs/todo/io.c:121:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "Can't access (%s) for reading", filename);
data/motif-2.3.8/demos/programs/todo/io.c:227:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, &line[1]);
data/motif-2.3.8/demos/programs/todo/io.c:264:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(filename, F_OK) == 0 &&
data/motif-2.3.8/demos/programs/todo/io.c:265:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
access(filename, W_OK) != 0) {
data/motif-2.3.8/demos/programs/todo/io.c:269:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "Can't access (%s) for writing", filename);
data/motif-2.3.8/demos/programs/todo/io.c:277:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(filename, F_OK) == 0) {
data/motif-2.3.8/demos/programs/todo/io.c:278:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(oldfilename, filename);
data/motif-2.3.8/demos/programs/todo/todo.c:227:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temppath, user -> pw_dir);
data/motif-2.3.8/demos/programs/todo/todo.c:286:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
found = access(buf, F_OK) != 0;
data/motif-2.3.8/demos/programs/workspace/wsm.c:358:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*name,home_name);
data/motif-2.3.8/demos/programs/workspace/wsm.c:360:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*name,app_data.file_name);
data/motif-2.3.8/demos/programs/workspace/wsm.c:365:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*name,app_data.file_name);
data/motif-2.3.8/demos/programs/workspace/wsm.c:371:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*name,home_name);
data/motif-2.3.8/demos/programs/workspace/wsm.c:391:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str, app_data.workspace_list[i]);
data/motif-2.3.8/demos/programs/workspace/wsm.c:402:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str, str_table[i]);
data/motif-2.3.8/demos/programs/workspace/wsmData.c:90:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s_list,s->name);
data/motif-2.3.8/demos/programs/workspace/wsmData.c:106:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(b_list,s->background);
data/motif-2.3.8/demos/programs/workspace/wsmData.c:122:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(p_list,s->pixmap_name);
data/motif-2.3.8/demos/programs/workspace/wsmData.c:129:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(c_space,current_space->name);
data/motif-2.3.8/demos/programs/workspace/wsmData.c:598:19: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(str,tempstr);
data/motif-2.3.8/demos/programs/workspace/wsmDebug.h:36:15: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINT printf
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:124:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->name, str);
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:161:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->background,name);
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:208:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s->background,name);
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:281:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->pixmap_name,name);
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:314:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(str,"0x%x %s",(unsigned)w_list->work_win->window, w_list->work_win->name);
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:766:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(old_name,space->name);
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:770:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(space->name,str);
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:1053:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_name,home_name);
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:1055:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(file_name,new_file_name);
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:1061:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file_name,new_file_name);
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:714:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(rooms_str,str);
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:721:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(rooms_str,new_str);
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:954:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(rooms_str,r_str);
data/motif-2.3.8/demos/unsupported/aicon/aicon.c:164:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "Cannot open iconDir: %s\n", dir);
data/motif-2.3.8/demos/unsupported/aicon/aicon.c:175:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(icon_fullname, dir);
data/motif-2.3.8/demos/unsupported/aicon/aicon.c:188:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(icon_fullname, item->d_name);
data/motif-2.3.8/demos/unsupported/dainput/dainput.c:50:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy(basename, p+1);
data/motif-2.3.8/demos/unsupported/dainput/dainput.c:52:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy(basename, str);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:199:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
if (textstr == NULL) sprintf(textstr, "%s", DEFAULT_FONT);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:309:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(pathname, fileptr);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:320:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(datahome, fileptr);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:588:7: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp(systemCommand, systemCommand, NULL);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:594:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(findCmd, CMD, systemCommand);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:595:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
file = popen(findCmd, "r");
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:611:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(uidpath, "UIDPATH=%s.uid", str);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:615:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(uidpath, "%s.uid", str);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:619:4: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl(str, systemCommand, NULL);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:716:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system ("ls -al > /tmp/motifshell.tmp");
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:719:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system ("rm -r /tmp/motifshell.tmp");
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:727:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system ("ps a > /tmp/motifshell.tmp");
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:729:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system ("ps -a > /tmp/motifshell.tmp");
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:733:2: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system ("rm -r /tmp/motifshell.tmp");
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:904:3: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system ("touch /tmp/motifshell.tmp");
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:905:3: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system ("rm -r /tmp/motifshell.tmp");
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:917:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(filename, "%s.c", argv[0]);
data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c:71:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (uid_name, file_name); strcat (uid_name, ".uid");
data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c:72:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (listing_name, file_name); strcat (listing_name, ".lis");
data/motif-2.3.8/demos/unsupported/xmapdef/xmapdef.c:412:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(format, name);
data/motif-2.3.8/demos/unsupported/xmfonts/xmfonts.c:313:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (message, "Unable to load font: %s", name);
data/motif-2.3.8/demos/unsupported/xmfonts/xmfonts.c:317:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (message, "\
data/motif-2.3.8/lib/Mrm/IDB.h:96:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access; /* URMaPrivate or URMaPublic */
data/motif-2.3.8/lib/Mrm/IDB.h:108:25: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
swap2bytes(deh->access) ; \
data/motif-2.3.8/lib/Mrm/IDB.h:568:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access ; /* URMReadAccess or URMWriteAccess */
data/motif-2.3.8/lib/Mrm/Mrm.h:247:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access ; /* URMaPrivate or URMaPublic */
data/motif-2.3.8/lib/Mrm/Mrm.h:269:42: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define UrmRCAccess(context) ((context)->access)
data/motif-2.3.8/lib/Mrm/Mrm.h:476:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access ; /* URMReadAccess or
data/motif-2.3.8/lib/Mrm/Mrm.h:569:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access; /* URMaPublic or URMaPrivate */
data/motif-2.3.8/lib/Mrm/Mrm.h:616:58: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
#define UrmWRPAccess(context) (UrmWRWidgetRec(context)->access)
data/motif-2.3.8/lib/Mrm/Mrm.h:882:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmSCode access ; /* URMaPublic or URMaPrivate */
data/motif-2.3.8/lib/Mrm/Mrm.h:915:11: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmFlag access ; /* Public/private - URMaPublic or
data/motif-2.3.8/lib/Mrm/Mrm.h:1390:15: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access ,
data/motif-2.3.8/lib/Mrm/Mrm.h:1586:15: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access ,
data/motif-2.3.8/lib/Mrm/Mrm.h:1797:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access ,
data/motif-2.3.8/lib/Mrm/Mrm.h:1818:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access ,
data/motif-2.3.8/lib/Mrm/Mrm.h:1847:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access ,
data/motif-2.3.8/lib/Mrm/Mrm.h:1859:15: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access ,
data/motif-2.3.8/lib/Mrm/Mrm.h:1883:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access ,
data/motif-2.3.8/lib/Mrm/MrmIbuffer.c:234:41: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
(*buffer_return)->access = file_id->access; \
data/motif-2.3.8/lib/Mrm/MrmIbuffer.c:586:39: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
(*buffer_return)->access = file_id->access ;
data/motif-2.3.8/lib/Mrm/MrmIentry.c:170:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
UrmRCSetAccess (context_id, datahdr->access) ;
data/motif-2.3.8/lib/Mrm/MrmIfile.c:124:15: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access,
data/motif-2.3.8/lib/Mrm/MrmIfile.c:139:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (returned_fname, name);
data/motif-2.3.8/lib/Mrm/MrmIfile.c:209:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (a_file->name, name);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:189:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (file_id->db_version, hdrptr->db_version);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:190:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (file_id->creator, hdrptr->creator);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:191:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (file_id->creator_version, hdrptr->creator_version);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:192:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (file_id->creation_date, hdrptr->creation_date);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:193:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (file_id->module, hdrptr->module);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:194:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (file_id->module_version, hdrptr->module_version);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:205:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(errmsg, _MrmMMsg_0117, hdrptr->db_version);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:213:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, idb__database_version);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:221:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (errmsg, _MrmMMsg_0011, hdrptr->db_version, idb__database_version);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:227:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(errmsg, _MrmMMsg_0118, idb__database_version, hdrptr->db_version);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:825:40: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
UrmRCSetAccess (context_id, datahdr->access);
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:625:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_index_stg, p_index_stgadr) ;
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:795:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (p_index_stg, p_index_stgadr) ;
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:1227:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cur_heap, ndxstg) ;
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:1335:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cur_heap, ndxstg) ;
data/motif-2.3.8/lib/Mrm/MrmIswap.c:212:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(err_msg, _MrmMMsg_0020, idb_header->record_num,
data/motif-2.3.8/lib/Mrm/MrmIswap.c:293:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(err_msg, _MrmMMsg_0021,
data/motif-2.3.8/lib/Mrm/MrmIswap.c:346:26: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
swapbytes( widget_rec->access );
data/motif-2.3.8/lib/Mrm/MrmIswap.c:435:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(err_msg,_MrmMMsg_0022,
data/motif-2.3.8/lib/Mrm/Mrmerror.c:196:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (msg, "%s: %s - %s", module, error, Urm__UT_UrmCodeString(status)) ;
data/motif-2.3.8/lib/Mrm/Mrmerror.c:209:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (urm__latest_error_msg, msg) ;
data/motif-2.3.8/lib/Mrm/Mrmhier.c:262:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_stg, "%s", _MrmMMsg_0113);
data/motif-2.3.8/lib/Mrm/Mrmhier.c:265:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_stg, "%s", _MrmMMsg_0114);
data/motif-2.3.8/lib/Mrm/Mrmhier.c:749:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_stg, _MrmMMsg_0031, name) ;
data/motif-2.3.8/lib/Mrm/Mrmhier.c:759:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_stg, _MrmMMsg_0032, resolvedname) ;
data/motif-2.3.8/lib/Mrm/Mrmhier.c:763:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_stg, _MrmMMsg_0031, resolvedname) ;
data/motif-2.3.8/lib/Mrm/Mrmicon.c:302:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0033, filename);
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1135:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0038,
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1140:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0038,
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1158:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0038,
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1163:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0039,
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1173:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err_msg, "%s", _MrmMMsg_0040);
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1187:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0041,
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1210:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0038,
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1215:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0038,
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1233:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0038,
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1238:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0039,
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1249:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "%s", _MrmMMsg_0040);
data/motif-2.3.8/lib/Mrm/Mrmlread.c:125:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0042, index);
data/motif-2.3.8/lib/Mrm/Mrmlread.c:688:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err_msg, "%s", _MrmMMsg_0040);
data/motif-2.3.8/lib/Mrm/Mrmmodule.c:146:15: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access,
data/motif-2.3.8/lib/Mrm/Mrmmodule.c:190:31: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
UrmRCSetAccess (context_id, access) ;
data/motif-2.3.8/lib/Mrm/Mrmptrlist.c:342:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (newstg, stg) ;
data/motif-2.3.8/lib/Mrm/Mrmtime.c:116:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(time_stg, result);
data/motif-2.3.8/lib/Mrm/Mrmvm.c:107:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (new_stg, stg) ;
data/motif-2.3.8/lib/Mrm/Mrmwci.c:200:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cldesc->creator_name, create_name);
data/motif-2.3.8/lib/Mrm/Mrmwci.c:348:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0051, class_name);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:309:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0052, child_idx) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:315:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0053, childptr->key.id) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:319:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0054, childptr->type) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:878:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(c_name_tmp, "*%s", c_name);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:1367:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0061,
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:1379:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0039,
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:1388:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (err_msg, "%s", _MrmMMsg_0040);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:1426:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0062,
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:1536:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0062, argptr->tag_code) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:1585:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0062, argptr->tag_code) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:1970:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (&return_val[count], add_string);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2070:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(err_msg, _MrmMMsg_0111, (*val)) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2092:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0064, (String)(*val)) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2113:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0065, (String)(*val)) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2172:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0066, (String)(*val)) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2220:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0070, fontstg);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2245:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(err_msg, _MrmMMsg_0071, fontstg);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2306:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0070, fontstg);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2330:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(err_msg, _MrmMMsg_0071, fontstg);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2337:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(err_msg, _MrmMMsg_0072, fontstg);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2358:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0073,
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2372:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0074,
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2403:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0061, (String)(colorptr->desc.name)) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2415:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0039,
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2424:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(err_msg, "%s", _MrmMMsg_0040);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2447:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0065, (String)(*val)) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2457:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0075, (String)(*val)) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2467:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0076, (String)(*val)) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2692:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (char8_dst, char8_src) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2924:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0077, resptr->key.index) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2935:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0078, resptr->key.id) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2943:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf ( err_msg, _MrmMMsg_0079, resptr->type) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3085:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0080, cttype) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3093:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0081, iconptr->ct_type) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3144:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0082, ctype) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3151:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf ( err_msg, _MrmMMsg_0083, citem->type) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3246:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0084, rtn_name) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3436:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0086, resptr->key.index) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3442:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (err_msg, _MrmMMsg_0087, resptr->key.id) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3447:7: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf ( err_msg, _MrmMMsg_0088, resptr->type) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:146:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access,
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:176:23: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
widgetrec->access = access ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:784:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access,
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:814:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
(context_id, access, group, type, key_type, index, resource_id, &offset) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:1386:16: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access,
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:1429:18: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
(context_id, access, group, type, key_type, index, resource_id, &offset) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:1642:13: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access,
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:1676:22: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
childptr->access = access ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:2176:14: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
MrmCode access,
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:2209:25: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
resdesc->access = access ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:2214:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (resdesc->key.index, index) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:2223:25: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
resdesc->access = access ;
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:196:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((String)refdsc+new_offs, w_name);
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:323:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (svdesc->tagname, argname);
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:330:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (errmsg, _MrmMMsg_0108, argtag);
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:409:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (svdesc->tagname, argname);
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:416:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (errmsg, _MrmMMsg_0108, argtag);
data/motif-2.3.8/lib/Mrm/Mrmwvalues.c:187:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (resptr->key.index, (char*)args[ndx].value) ;
data/motif-2.3.8/lib/Mrm/Mrmwwrite.c:130:42: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
UrmRCSetAccess (context_id, widgetrec->access) ;
data/motif-2.3.8/lib/Xm/ClipWindow.c:305:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmp, keystring);
data/motif-2.3.8/lib/Xm/ClipWindow.c:307:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmp, keys[i].action); /* actions contain line separators. */
data/motif-2.3.8/lib/Xm/ColorObj.c:538:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(names[i], "%s%d", XmSCUSTOMIZE_DATA, i);
data/motif-2.3.8/lib/Xm/ColorS.c:415:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(message_buffer, BUFSIZ, XmNunparsableColorMsg, temp);
data/motif-2.3.8/lib/Xm/ColorS.c:580:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(string_buffer, BUFSIZ, XmNunparsableColorMsg, newValue);
data/motif-2.3.8/lib/Xm/ColorS.c:977:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_label, "%s (%s)", XmColorS_color_name(csw), buf);
data/motif-2.3.8/lib/Xm/ColorS.c:982:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_label, "%s", buf);
data/motif-2.3.8/lib/Xm/ColorS.c:1013:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_label, "%s (%s)", XmColorS_color_name(csw), buf);
data/motif-2.3.8/lib/Xm/ColorS.c:1302:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(string_buffer, BUFSIZ,
data/motif-2.3.8/lib/Xm/Column.c:1137:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, XtName(new_w));
data/motif-2.3.8/lib/Xm/CutPaste.c:1365:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf( item, atomname_format, format_name );
data/motif-2.3.8/lib/Xm/DataF.c:5106:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(insert_string, params[i]);
data/motif-2.3.8/lib/Xm/DataF.c:7326:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(total_tmp_value, tmp_value[i]);
data/motif-2.3.8/lib/Xm/DataF.c:8629:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(event_bindings, EventBindings4);
data/motif-2.3.8/lib/Xm/DataF.c:8631:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(event_bindings, EventBindings1);
data/motif-2.3.8/lib/Xm/DataF.c:8632:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(event_bindings, EventBindings2);
data/motif-2.3.8/lib/Xm/DataF.c:8633:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(event_bindings, EventBindings3);
data/motif-2.3.8/lib/Xm/DataF.c:8875:16: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(warn_str, MSG5, *curr_str);
data/motif-2.3.8/lib/Xm/DataF.c:8893:16: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(warn_str, MSG5, *curr_str);
data/motif-2.3.8/lib/Xm/DataF.c:8949:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(warn_str, WC_MSG1, scratch);
data/motif-2.3.8/lib/Xm/DataF.c:8964:16: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(warn_str, WC_MSG1, scratch);
data/motif-2.3.8/lib/Xm/DataF.c:9762:14: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(total_tmp_value, tmp_value[i]);
data/motif-2.3.8/lib/Xm/DataF.c:12398:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(total_tmp_value, tmp_value[i]);
data/motif-2.3.8/lib/Xm/DataFSel.c:193:14: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(total_tmp_value, tmp_value[i]);
data/motif-2.3.8/lib/Xm/DialogS.c:829:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( ds_name, name) ;
data/motif-2.3.8/lib/Xm/DialogS.c:830:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat( ds_name, XmDIALOG_SUFFIX) ;
data/motif-2.3.8/lib/Xm/DragBS.c:1453:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(atomname, "%s%d", "_MOTIF_ATOM_", i);
data/motif-2.3.8/lib/Xm/DropSMgr.c:113:19: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define DPRINT(x) printf x
data/motif-2.3.8/lib/Xm/DropSMgrI.c:217:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, MESSAGE3,
data/motif-2.3.8/lib/Xm/DropSMgrI.c:231:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, MESSAGE3,
data/motif-2.3.8/lib/Xm/EditresCom.c:899:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pbuf, "A%s", msg2);
data/motif-2.3.8/lib/Xm/EditresCom.c:901:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pbuf, "%s%s%s", msg1, info->event->name, msg2);
data/motif-2.3.8/lib/Xm/EditresCom.c:915:6: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(pbuf, msg, params[0]);
data/motif-2.3.8/lib/Xm/EditresCom.c:942:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pbuf, "%s%s%s%s%s", msg1, (char *)info->event->value, msg2,
data/motif-2.3.8/lib/Xm/EditresCom.c:950:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pbuf, "%s%s%s", msg1, info->event->name, msg2);
data/motif-2.3.8/lib/Xm/EditresCom.c:966:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(pbuf, "%s%s%s%s%s%s%s%s", msg1, name, msg2, type,
data/motif-2.3.8/lib/Xm/EditresCom.c:1661:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&buffer[strlen(buffer)], " (%s)", res->resource_type);
data/motif-2.3.8/lib/Xm/FileSB.c:2018:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( qualifiedMask, qualifiedDir) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2019:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &qualifiedMask[qDirLen], qualifiedPattern) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2050:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( valueString, dirStr) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2051:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &valueString[dirLen], fileStr) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2154:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( maskString, dirString) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2155:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &maskString[len], patternString) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2441:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( maskString, dirString) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2442:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &maskString[len], patternString) ;
data/motif-2.3.8/lib/Xm/FileSB.c:3144:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( itemString, dir) ;
data/motif-2.3.8/lib/Xm/FileSB.c:3145:21: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &itemString[dirLen], mask) ;
data/motif-2.3.8/lib/Xm/FontS.c:620:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(any_fam->fixed_spacing, DEFAULT_FIXED_SPACING);
data/motif-2.3.8/lib/Xm/FontS.c:851:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp, str);
data/motif-2.3.8/lib/Xm/FontS.c:1103:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fam->fixed_spacing, font->spacing);
data/motif-2.3.8/lib/Xm/FontS.c:1159:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fam->fixed_spacing, DEFAULT_FIXED_SPACING);
data/motif-2.3.8/lib/Xm/FontS.c:1161:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fam->fixed_spacing, font->spacing);
data/motif-2.3.8/lib/Xm/FontS.c:1228:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "Font '%s'\nis not available on this machine", font);
data/motif-2.3.8/lib/Xm/FontS.c:1269:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(right_buf, ptr);
data/motif-2.3.8/lib/Xm/FontS.c:1270:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(left_buf, font);
data/motif-2.3.8/lib/Xm/FontS.c:1272:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fbuf, "%s-140%s", left_buf, right_buf);
data/motif-2.3.8/lib/Xm/FontS.c:1277:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,
data/motif-2.3.8/lib/Xm/FontS.c:1285:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,
data/motif-2.3.8/lib/Xm/FontS.c:1375:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(point_size, STAR_STRING);
data/motif-2.3.8/lib/Xm/FontS.c:1380:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(res_x, STAR_STRING);
data/motif-2.3.8/lib/Xm/FontS.c:1385:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(res_y, STAR_STRING);
data/motif-2.3.8/lib/Xm/FontS.c:1396:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "-*-%s-%s-%s-*-*-*-%s-%s-%s-%s-*-%s",
data/motif-2.3.8/lib/Xm/FontS.c:1454:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cf->slant, XrmQuarkToString(fam->italic_nameq));
data/motif-2.3.8/lib/Xm/FontS.c:1456:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cf->slant, XrmQuarkToString(fam->upright_nameq));
data/motif-2.3.8/lib/Xm/FontS.c:1488:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cf->spacing, STAR_STRING);
data/motif-2.3.8/lib/Xm/FontS.c:1493:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cf->spacing, PROPORTIONAL_SPACING);
data/motif-2.3.8/lib/Xm/FontS.c:1499:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cf->spacing, fam->fixed_spacing);
data/motif-2.3.8/lib/Xm/FontS.c:1504:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cf->spacing, STAR_STRING);
data/motif-2.3.8/lib/Xm/FontS.c:1867:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "--%s-%s-%s----0-%d-%d-*--%s",
data/motif-2.3.8/lib/Xm/FontS.c:3073:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cf->slant, XrmQuarkToString(family->italic_nameq));
data/motif-2.3.8/lib/Xm/FontS.c:3075:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cf->slant, XrmQuarkToString(family->upright_nameq));
data/motif-2.3.8/lib/Xm/GeoUtils.c:2754:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf( subhdr, "%si: %d ", hdr, num) ;
data/motif-2.3.8/lib/Xm/GeoUtils.c:2783:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
{ sprintf( subhdr, "%srow: %d, col: %d, ", hdr, row, col) ;
data/motif-2.3.8/lib/Xm/IconFile.c:500:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return (access(path, R_OK) == 0 && /* exists and is readable */
data/motif-2.3.8/lib/Xm/IconFile.c:607:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(stackString, homedir) ;
data/motif-2.3.8/lib/Xm/List.c:941:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xlats, ListXlations1);
data/motif-2.3.8/lib/Xm/List.c:942:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(xlats, ListXlations2);
data/motif-2.3.8/lib/Xm/List.c:9934:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, name);
data/motif-2.3.8/lib/Xm/Obso1_2.c:1583:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( itemString, dir) ;
data/motif-2.3.8/lib/Xm/Obso1_2.c:1584:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( &itemString[dirLen], mask) ;
data/motif-2.3.8/lib/Xm/Obso1_2.c:1857:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_s, "ISO%s", charset);
data/motif-2.3.8/lib/Xm/Obso1_2.c:2005:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(data, RC_MenuAccelerator(rc));
data/motif-2.3.8/lib/Xm/Obso2_0.c:245:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmp, keystring);
data/motif-2.3.8/lib/Xm/Obso2_0.c:247:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmp,keys[i].action);
data/motif-2.3.8/lib/Xm/Obso2_0.c:456:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(default_background_color_spec, new_color_spec);
data/motif-2.3.8/lib/Xm/RepType.c:1186:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(TmpStr[Index] + PrefixSize, StrArray[Index]);
data/motif-2.3.8/lib/Xm/RepType.c:1683:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(in_str, "%s %d", reverse_message, in_value);
data/motif-2.3.8/lib/Xm/ResConvert.c:1864:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( work_str, in_str) ;
data/motif-2.3.8/lib/Xm/ResConvert.c:2017:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(work_str, in_str);
data/motif-2.3.8/lib/Xm/ResConvert.c:2026:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dataPtr, cs_str);
data/motif-2.3.8/lib/Xm/ResEncod.c:614:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&rval[i], EncodingRegistryTag(current));
data/motif-2.3.8/lib/Xm/ResEncod.c:619:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&rval[i], EncodingRegistryEncoding(current));
data/motif-2.3.8/lib/Xm/ResEncod.c:2767:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) temp, tag);
data/motif-2.3.8/lib/Xm/RowColumn.c:1775:49: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
RC_MenuAccelerator(new_w) = (String)strcpy(XtMalloc( XmStrlen(
data/motif-2.3.8/lib/Xm/RowColumn.c:1842:50: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
RC_MenuAccelerator(new_w) = (String)strcpy(XtMalloc( XmStrlen(
data/motif-2.3.8/lib/Xm/RowColumn.c:2433:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmp, ks);
data/motif-2.3.8/lib/Xm/RowColumn.c:3228:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf (b, POPUP_PREFIX, name);
data/motif-2.3.8/lib/Xm/RowColumn.c:4125:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(data, RC_MenuAccelerator(rc));
data/motif-2.3.8/lib/Xm/SSpinB.c:378:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(widget_name, SSB_TEXTFIELD_NAME_FORMAT, XtName(new));
data/motif-2.3.8/lib/Xm/Text.c:749:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(event_bindings, _XmTextEventBindings1);
data/motif-2.3.8/lib/Xm/Text.c:750:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(event_bindings, _XmTextEventBindings2);
data/motif-2.3.8/lib/Xm/Text.c:751:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(event_bindings, _XmTextEventBindings3);
data/motif-2.3.8/lib/Xm/Text.c:2282:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(vevent_bindings, _XmTextIn_XmTextVEventBindings);
data/motif-2.3.8/lib/Xm/Text.c:3623:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mb,call_data->text->string.multi_byte);
data/motif-2.3.8/lib/Xm/Text.c:3680:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(mb, over_mb);
data/motif-2.3.8/lib/Xm/Text.c:4207:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, name);
data/motif-2.3.8/lib/Xm/TextF.c:96:9: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
#define wcscpy(d,s) _Xwcscpy(d,s)
data/motif-2.3.8/lib/Xm/TextF.c:119:9: [4] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
#define wcscat(w1,w2) _Xmwcscat(w1,w2)
data/motif-2.3.8/lib/Xm/TextF.c:6783:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(event_bindings, EventBindings1);
data/motif-2.3.8/lib/Xm/TextF.c:6784:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(event_bindings, EventBindings2);
data/motif-2.3.8/lib/Xm/TextF.c:6785:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(event_bindings, EventBindings3);
data/motif-2.3.8/lib/Xm/TextF.c:9164:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mb, call_data->text->string.multi_byte);
data/motif-2.3.8/lib/Xm/TextF.c:9246:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mb, call_data->text->string.multi_byte);
data/motif-2.3.8/lib/Xm/TextF.c:9252:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(mb, over_mb);
data/motif-2.3.8/lib/Xm/TextF.c:9290:13: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(wc, call_data->text->string.wide_char);
data/motif-2.3.8/lib/Xm/TextF.c:9298:13: [4] (buffer) wcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
wcscat(wc, over_wc);
data/motif-2.3.8/lib/Xm/Transfer.c:2308:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(total_value, values[i]);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:108:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(newstring, textlist[i]);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:239:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&newstring[i], *buffer);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:315:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(final_string, text);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:352:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(txt_value, compound_text);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:419:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ptr, compound_text[i]);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:546:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)bufptr, useable_text[i]);
data/motif-2.3.8/lib/Xm/VendorS.c:1820:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, header, name, s_class);
data/motif-2.3.8/lib/Xm/VendorS.c:1827:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void) sprintf(&buf[strlen(buf)], buf2, par[0], par[1], par[2], par[3],
data/motif-2.3.8/lib/Xm/VendorS.c:1830:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, buf2);
data/motif-2.3.8/lib/Xm/VendorS.c:1837:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (&buf2[pos], bp);
data/motif-2.3.8/lib/Xm/VirtKeys.c:881:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*binding, line);
data/motif-2.3.8/lib/Xm/VirtKeys.c:909:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (vendorV, "%s %d", vendor, VendorRelease(display));
data/motif-2.3.8/lib/Xm/VirtKeys.c:1025:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*binding, currDefault->defaults);
data/motif-2.3.8/lib/Xm/VirtKeys.c:1035:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (*binding, defaultFallbackBindings);
data/motif-2.3.8/lib/Xm/XmExtUtil.c:398:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(text, newText);
data/motif-2.3.8/lib/Xm/XmExtUtil.c:438:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(text, newText);
data/motif-2.3.8/lib/Xm/XmIm.c:1074:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
cp = strcpy(tmp,cp);
data/motif-2.3.8/lib/Xm/XmIm.c:2253:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmp,cp);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2638:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, src);\
data/motif-2.3.8/lib/Xm/XmRenderT.c:2664:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(CVTtransfervector, CVTproperties[i]);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2671:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, CVTtransfervector);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2680:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "\"%s\", ", _XmRendTag(rendition));
data/motif-2.3.8/lib/Xm/XmRenderT.c:2687:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(temp, "%d \"%s\" %d,", _XmRendFontType(rendition),
data/motif-2.3.8/lib/Xm/XmString.c:5960:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *)((_XmStringOptSeg)(entry))->data.chars, (char *)val)) :
data/motif-2.3.8/lib/Xm/Xmos.c:165:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirCacheName, qDirName);
data/motif-2.3.8/lib/Xm/Xmos.c:184:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dirCache[numCacheEntries]->file_name, entryName);
data/motif-2.3.8/lib/Xm/Xmos.c:187:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&dirCacheName[dirCacheNameLen], entryName);
data/motif-2.3.8/lib/Xm/Xmos.c:248:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outputBuf, userDir);
data/motif-2.3.8/lib/Xm/Xmos.c:249:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&outputBuf[userDirLen], (dirSpec + 1));
data/motif-2.3.8/lib/Xm/Xmos.c:270:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outputBuf, pwd_value->pw_dir);
data/motif-2.3.8/lib/Xm/Xmos.c:271:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&outputBuf[userDirLen], srcPtr);
data/motif-2.3.8/lib/Xm/Xmos.c:278:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outputBuf, dirSpec);
data/motif-2.3.8/lib/Xm/Xmos.c:286:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outputBuf, destPtr);
data/motif-2.3.8/lib/Xm/Xmos.c:288:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&outputBuf[userDirLen], dirSpec);
data/motif-2.3.8/lib/Xm/Xmos.c:464:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fSpec, filterSpec);
data/motif-2.3.8/lib/Xm/Xmos.c:480:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dSpec, dirSpec);
data/motif-2.3.8/lib/Xm/Xmos.c:836:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(entryPtr, qualifiedDir);
data/motif-2.3.8/lib/Xm/Xmos.c:837:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&entryPtr[dirLen], dirName);
data/motif-2.3.8/lib/Xm/Xmos.c:882:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(entryPtr, dirName);
data/motif-2.3.8/lib/Xm/Xmos.c:1026:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (homeDir, ptr);
data/motif-2.3.8/lib/Xm/Xmos.c:1163:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, pwd);
data/motif-2.3.8/lib/Xm/Xmos.c:1175:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, pwd);
data/motif-2.3.8/lib/Xm/Xmos.c:1205:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy(filePart, &path[2]);
data/motif-2.3.8/lib/Xm/Xmos.c:1208:10: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
(void) strcat(buf, &path[1]);
data/motif-2.3.8/lib/Xm/Xmos.c:1248:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(path, PATH_DEFAULT, homedir, homedir, homedir,
data/motif-2.3.8/lib/Xm/Xmos.c:1258:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(path, XAPPLRES_DEFAULT,
data/motif-2.3.8/lib/Xm/Xmos.c:1268:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (path, local_path);
data/motif-2.3.8/lib/Xm/Xmos.c:1329:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fileName, file);
data/motif-2.3.8/lib/Xm/Xmos.c:1334:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (fileName, path);
data/motif-2.3.8/lib/Xm/Xmos.c:1336:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (fileName, file);
data/motif-2.3.8/lib/Xm/Xmos.c:1424:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(maskNameBuf+2, suffix);
data/motif-2.3.8/lib/Xm/Xmos_r.h:258:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_name, (p).pwp->pw_name);
data/motif-2.3.8/lib/Xm/Xmos_r.h:262:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_passwd,(p).pwp->pw_passwd);
data/motif-2.3.8/lib/Xm/Xmos_r.h:266:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_class, (p).pwp->pw_class);
data/motif-2.3.8/lib/Xm/Xmos_r.h:270:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_gecos, (p).pwp->pw_gecos);
data/motif-2.3.8/lib/Xm/Xmos_r.h:274:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_dir, (p).pwp->pw_dir);
data/motif-2.3.8/lib/Xm/Xmos_r.h:278:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_shell, (p).pwp->pw_shell);
data/motif-2.3.8/lib/Xm/Xmos_r.h:288:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_name, (p).pwp->pw_name), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:291:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_passwd,(p).pwp->pw_passwd), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:294:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_age, (p).pwp->pw_age), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:297:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_comment, (p).pwp->pw_comment), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:300:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_gecos, (p).pwp->pw_gecos), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:303:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_dir, (p).pwp->pw_dir), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:306:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).pws.pw_shell, (p).pwp->pw_shell), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:435:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((hp).h_name, (hp).hptr->h_name), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:441:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((sp).s_name, (sp).sptr->s_name), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:443:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((sp).s_proto, (sp).sptr->s_proto), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:685:24: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
# define _XGetlogin(p) getlogin()
data/motif-2.3.8/lib/Xm/Xmos_r.h:715:19: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
(((p).result = getlogin()) ? \
data/motif-2.3.8/lib/Xm/Xmos_r.h:1055:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).grp.gr_name, (p).pgrp->gr_name), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:1063:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((p).grp.gr_name, (p).pgrp->gr_name), \
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:155:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ptr, buf);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:208:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ptr + used_size, buf);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:322:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s + *used_size, buf);
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:179:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*header, buf);
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:217:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*sptr, *sptr2);
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:283:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
*dataptr = strcpy(s, buf);
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:387:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*dataptr, *line);
data/motif-2.3.8/lib/Xm/XpmI.h:129:14: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
extern FILE *popen();
data/motif-2.3.8/lib/Xm/XpmRdFToI.c:47:10: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
# define popen _popen
data/motif-2.3.8/lib/Xm/XpmRdFToI.c:135:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
# define Xpms_popen popen
data/motif-2.3.8/lib/Xm/XpmWrFFrI.c:45:10: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
# define popen _popen
data/motif-2.3.8/lib/Xm/XpmWrFFrI.c:306:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
# define Xpms_popen popen
data/motif-2.3.8/lib/Xm/Xpmmisc.c:58:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s2, s1);
data/motif-2.3.8/lib/Xm/Xpmparse.c:63:12: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(dst, src); \
data/motif-2.3.8/lib/Xm/Xpmparse.c:67:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dst, src); \
data/motif-2.3.8/lib/Xm/Xpms_popen.c:89:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(argv[i], ptr);
data/motif-2.3.8/lib/Xm/Xpms_popen.c:153:7: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0], argv); /* search in $PATH */
data/motif-2.3.8/lib/Xm/Xpms_popen.c:155:7: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(argv[0], argv);
data/motif-2.3.8/localized/util/mkcatdefs.c:134:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (outname, "%s", mname);
data/motif-2.3.8/localized/util/mkcatdefs.c:171:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (inname, "%s", argv[i]);
data/motif-2.3.8/localized/util/mkcatdefs.c:280:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf (cp, "%s", msgname);
data/motif-2.3.8/localized/util/mkcatdefs.c:294:2: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
sscanf (cp+3+len, "%s", setname);
data/motif-2.3.8/localized/util/mkcatdefs.c:363:6: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf (cp, "%s", msgname) && msgname[0]) {
data/motif-2.3.8/localized/util/mkcatdefs.c:541:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ptr->regname, tname);
data/motif-2.3.8/localized/util/mkmsgcat.c:124:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(header_name, prefix);
data/motif-2.3.8/localized/util/mkmsgcat.c:129:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(catalog_name, prefix);
data/motif-2.3.8/localized/util/mkmsgcat.c:155:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(header, OSF_COPYRIGHT_C);
data/motif-2.3.8/localized/util/mkmsgcat.c:222:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(subs, prefix);
data/motif-2.3.8/tools/wml/wmldbcreate.c:119:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(outfilename, argv[1]);
data/motif-2.3.8/tools/wml/wmllex.c:1291:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (yystringval, (XmConst char *) yytext);
data/motif-2.3.8/tools/wml/wmlouth.c:793:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (maskbuf, bit_masks[bitno]);
data/motif-2.3.8/tools/wml/wmlouth.c:885:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, bvechdr, resobj->tkname, resobj->sym_code);
data/motif-2.3.8/tools/wml/wmlouth.c:900:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (itembuf, " _BIT_MASK(sym_k_%s_object) |",
data/motif-2.3.8/tools/wml/wmlouth.c:902:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (maskbuf, itembuf);
data/motif-2.3.8/tools/wml/wmlouth.c:1011:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, bvechdr, resobj->tkname, resobj->sym_code);
data/motif-2.3.8/tools/wml/wmlouth.c:1026:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (itembuf, " _BIT_MASK(sym_k_%s_object) |",
data/motif-2.3.8/tools/wml/wmlouth.c:1028:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (maskbuf, itembuf);
data/motif-2.3.8/tools/wml/wmlouth.c:1136:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, bvechdr, childobj->tkname, childobj->sym_code);
data/motif-2.3.8/tools/wml/wmlouth.c:1150:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (itembuf, " _BIT_MASK(sym_k_%s_object) |", clsobj->tkname);
data/motif-2.3.8/tools/wml/wmlouth.c:1151:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (maskbuf, itembuf);
data/motif-2.3.8/tools/wml/wmlouth.c:1258:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, bvechdr, clsobj->tkname, clsobj->sym_code);
data/motif-2.3.8/tools/wml/wmlouth.c:1271:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (itembuf, " _BIT_MASK(sym_k_%s_object) |",
data/motif-2.3.8/tools/wml/wmlouth.c:1273:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (maskbuf, itembuf);
data/motif-2.3.8/tools/wml/wmlouth.c:1440:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, canned1, max_object_code);
data/motif-2.3.8/tools/wml/wmlouth.c:1453:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, canned2, max_arg_code);
data/motif-2.3.8/tools/wml/wmlouth.c:1466:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, canned3, max_reason_code);
data/motif-2.3.8/tools/wml/wmlouth.c:1479:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, canned4, max_enumset_code, max_enumval_code);
data/motif-2.3.8/tools/wml/wmlouth.c:1492:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, canned5, max_charset_code);
data/motif-2.3.8/tools/wml/wmlouth.c:1505:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, canned6, max_child_code);
data/motif-2.3.8/tools/wml/wmlouth.c:1627:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, valhdr, enumsetobj->sym_code);
data/motif-2.3.8/tools/wml/wmlouth.c:1910:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (uname, syncs->name);
data/motif-2.3.8/tools/wml/wmlouth.c:1915:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (uname, syncs->xms_name);
data/motif-2.3.8/tools/wml/wmlouth.c:1922:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (uname, syncs->alias_list[alias_ndx]);
data/motif-2.3.8/tools/wml/wmlouth.c:1948:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, canned7, lang_max);
data/motif-2.3.8/tools/wml/wmloutkey.c:196:15: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
scanres = fscanf (infil, "%s %d %s", token, &tokval, class);
data/motif-2.3.8/tools/wml/wmloutkey.c:236:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (sens_name, grtok->token);
data/motif-2.3.8/tools/wml/wmloutkey.c:513:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (insens_name, sens_name);
data/motif-2.3.8/tools/wml/wmloutkey.c:578:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, canned2, maxlen, maxkey);
data/motif-2.3.8/tools/wml/wmloutkey.c:697:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (dststg, "sym_k_%s_arg", resobj->tkname);
data/motif-2.3.8/tools/wml/wmloutkey.c:701:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (dststg, "sym_k_%s_charset", csobj->syndef->name);
data/motif-2.3.8/tools/wml/wmloutkey.c:705:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (dststg, "sym_k_%s_enumval", esobj->syndef->name);
data/motif-2.3.8/tools/wml/wmloutkey.c:712:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (dststg, "sym_k_%s_reason", resobj->tkname);
data/motif-2.3.8/tools/wml/wmloutkey.c:719:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (dststg, "sym_k_%s_object", clsobj->tkname);
data/motif-2.3.8/tools/wml/wmloutkey.c:723:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (dststg, "sym_k_%s_child", chobj->tkname);
data/motif-2.3.8/tools/wml/wmloutkey.c:760:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dststg, grtok->token);
data/motif-2.3.8/tools/wml/wmloutkey.c:828:1: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (outfil, canned2, grtok_max_val+1);
data/motif-2.3.8/tools/wml/wmlparse.c:1395:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
{ strcpy (yynameval, (XmConst char *)yystringval); }
data/motif-2.3.8/tools/wml/wmlresolve.c:709:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errmsg, "Class %s does not have a convenience function",
data/motif-2.3.8/tools/wml/wmlresolve.c:854:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errmsg, "CharacterSet %s does not have a StandardsName",
data/motif-2.3.8/tools/wml/wmlresolve.c:960:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errmsg, "Gadget class %s has no widgetclass reference",
data/motif-2.3.8/tools/wml/wmlresolve.c:1753:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (errmsg,
data/motif-2.3.8/tools/wml/wmluiltok.c:882:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/motif-2.3.8/tools/wml/wmluiltok.c:890:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/motif-2.3.8/tools/wml/wmluiltok.c:896:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/motif-2.3.8/tools/wml/wmluiltok.c:902:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)
data/motif-2.3.8/tools/wml/wmlutils.c:63:1: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dynstg, stg);
data/motif-2.3.8/clients/mwm/WmFunction.c:51:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
extern char *getenv();
data/motif-2.3.8/clients/mwm/WmFunction.c:1097:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if (((shell = getenv ("MWMSHELL")) != NULL) ||
data/motif-2.3.8/clients/mwm/WmFunction.c:1098:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
((shell = getenv ("SHELL")) != NULL))
data/motif-2.3.8/clients/mwm/WmImage.c:78:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
extern char *getenv ();
data/motif-2.3.8/clients/mwm/WmResParse.c:118:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
extern char *getenv ();
data/motif-2.3.8/clients/mwm/WmResParse.c:1752:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if((ptr = getenv("HOME")) == NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:1754:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if((ptr = getenv("USER")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:7991:37: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
string = (unsigned char *) getenv ((char *)&string[1]);
data/motif-2.3.8/clients/mwm/WmResParse.c:8088:13: [3] (tmpfile) tmpnam:
Temporary file race condition (CWE-377).
(void) tmpnam (pConfigStackTop->cppName);
data/motif-2.3.8/clients/uil/UilDB.c:890:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if((ptr = (char *)getenv("HOME")) == NULL)
data/motif-2.3.8/clients/uil/UilDB.c:892:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if((ptr = (char *)getenv(USER_VAR)) != NULL)
data/motif-2.3.8/clients/uil/UilDB.c:982:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
path = (char *)getenv ("WMDPATH");
data/motif-2.3.8/clients/uil/UilDB.c:986:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_path = (char *)getenv ("XAPPLRESDIR");
data/motif-2.3.8/clients/uil/UilLexPars.c:2272:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((yys = getenv("YYDEBUG")) != 0)
data/motif-2.3.8/demos/programs/airport/dragsource.c:101:7: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int) XtWindow(area));
data/motif-2.3.8/demos/programs/fileview/main.c:205:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
String lang = getenv("LANG");
data/motif-2.3.8/demos/programs/hellomotifi18n/helloint.c:74:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((applresdir = (char *)getenv("XAPPLRESDIR")) == NULL ||
data/motif-2.3.8/demos/programs/workspace/wsm.c:350:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *home_name = getenv("HOME");
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:1050:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
home_name = getenv("HOME");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1091:17: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
if ((del_db = tempnam(NULL, "wsmD")) == NULL)
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1096:18: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
if ((save_db = tempnam(NULL, "wsmS")) == NULL)
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1199:17: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
if ((del_db = tempnam(NULL, "wsmD")) == NULL)
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1204:18: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
if ((save_db = tempnam(NULL, "wsmS")) == NULL)
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:272:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((envpath = getenv("PATH")))
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:313:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((defaultcap = getenv("MOTIFSHELLFILES")))
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:601:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
set_uidpath = (getenv("UIDPATH") == NULL);
data/motif-2.3.8/lib/Xm/IconFile.c:88:38: [3] (buffer) getwd:
This does not protect against buffer overflows by itself, so use with
caution (CWE-120, CWE-20). Use getcwd instead.
#define getcwd(buf, len) ((char *) getwd(buf))
data/motif-2.3.8/lib/Xm/Png.c:117:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((p = getenv("SCREEN_GAMMA")) != NULL)
data/motif-2.3.8/lib/Xm/VirtKeys.c:1004:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((bindDir = getenv(XMBINDDIR)) == NULL)
data/motif-2.3.8/lib/Xm/XmString.c:6817:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
str = (char *)getenv(env_variable);
data/motif-2.3.8/lib/Xm/Xmos.c:94:39: [3] (buffer) getwd:
This does not protect against buffer overflows by itself, so use with
caution (CWE-120, CWE-20). Use getcwd instead.
# define getcwd(buf, len) ((char *) getwd(buf))
data/motif-2.3.8/lib/Xm/Xmos.c:1007:26: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((ptr = (char *)getenv("HOME")) == NULL)
data/motif-2.3.8/lib/Xm/Xmos.c:1009:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((ptr = (char *)getenv(USER_VAR)) != NULL)
data/motif-2.3.8/lib/Xm/Xmos.c:1154:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
String pwd = getenv ("PWD");
data/motif-2.3.8/lib/Xm/Xmos.c:1174:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((pwd = getenv("PWD")) != NULL)
data/motif-2.3.8/lib/Xm/Xmos.c:1239:28: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
local_path = (char *)getenv (env_pathname);
data/motif-2.3.8/lib/Xm/Xmos.c:1243:23: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
old_path = (char *)getenv ("XAPPLRESDIR");
data/motif-2.3.8/tools/wml/Uil.c:2272:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((yys = getenv("YYDEBUG")) != 0)
data/motif-2.3.8/tools/wml/UilLexPars.c:2272:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((yys = getenv("YYDEBUG")) != 0)
data/motif-2.3.8/tools/wml/wmlparse.c:854:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((yys = getenv("YYDEBUG")) != 0)
data/motif-2.3.8/clients/mwm/WmCEvent.c:1958:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &wmGD.savedEnterEvent, enterEvent,
data/motif-2.3.8/clients/mwm/WmCmd.c:1671:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itemName[MAX_MENU_ITEMS][25];
data/motif-2.3.8/clients/mwm/WmCmd.c:1890:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itemName[MAX_MENU_ITEMS][MAX_NAME_LEN + 1];
data/motif-2.3.8/clients/mwm/WmCmd.c:1960:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itemName[MAX_MENU_ITEMS][MAX_NAME_LEN + 1];
data/motif-2.3.8/clients/mwm/WmColormap.c:437:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)new_cmap_window_data,(void *)cmap_window_data,
data/motif-2.3.8/clients/mwm/WmError.c:63:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *pchErrorFormatNames [NUM_E_STRINGS] = {
data/motif-2.3.8/clients/mwm/WmError.c:71:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *pchDefaultErrorFormat [NUM_E_STRINGS] = {
data/motif-2.3.8/clients/mwm/WmError.c:79:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *pchErrorFormat [NUM_E_STRINGS];
data/motif-2.3.8/clients/mwm/WmError.c:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZ];
data/motif-2.3.8/clients/mwm/WmError.c:171:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFSIZ];
data/motif-2.3.8/clients/mwm/WmError.c:172:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[BUFSIZ];
data/motif-2.3.8/clients/mwm/WmError.c:179:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(message, "%d", errorEvent->request_code);
data/motif-2.3.8/clients/mwm/WmError.c:240:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[100];
data/motif-2.3.8/clients/mwm/WmError.c:327:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pch[MAXWMPATH+1];
data/motif-2.3.8/clients/mwm/WmEvent.c:1991:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&wmPB, wmGD.pWmPB, sizeof(DtWmpParseBuf));
data/motif-2.3.8/clients/mwm/WmEvent.c:2132:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (wmGD.pWmPB, &wmPB, sizeof(DtWmpParseBuf));
data/motif-2.3.8/clients/mwm/WmFeedback.c:82:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *confirm_mesg[4] = {"Switch to Default Behavior?",
data/motif-2.3.8/clients/mwm/WmFeedback.c:201:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *confirm_mesg[4] = {"Toggle to Default Behavior?",
data/motif-2.3.8/clients/mwm/WmFeedback.c:207:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *confirm_widget[4] = {"confirmDefaultBehavior",
data/motif-2.3.8/clients/mwm/WmFeedback.c:614:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (pSD->fbLocation, "(%4d,%-4d)", x, y);
data/motif-2.3.8/clients/mwm/WmFeedback.c:623:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (pSD->fbSize, "%4dx%-4d", width, height);
data/motif-2.3.8/clients/mwm/WmFunction.c:52:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
extern int atoi();
data/motif-2.3.8/clients/mwm/WmFunction.c:56:14: [2] (race) vfork:
On some old systems, vfork() permits race conditions, and it's very
difficult to use correctly (CWE-362). Use fork() instead.
extern pid_t vfork();
data/motif-2.3.8/clients/mwm/WmFunction.c:1053:16: [2] (race) vfork:
On some old systems, vfork() permits race conditions, and it's very
difficult to use correctly (CWE-362). Use fork() instead.
if ((pid = vfork ()) == 0)
data/motif-2.3.8/clients/mwm/WmFunction.c:4547:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pch[80];
data/motif-2.3.8/clients/mwm/WmFunction.c:4572:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
scr = atoi (args);
data/motif-2.3.8/clients/mwm/WmFunction.c:4589:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pch,
data/motif-2.3.8/clients/mwm/WmFunction.c:4796:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szRes[80];
data/motif-2.3.8/clients/mwm/WmFunction.c:4800:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (szRes, "/tmp/dtwm.resources.%d", scr);
data/motif-2.3.8/clients/mwm/WmGlobal.h:1355:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fbLocation[20];
data/motif-2.3.8/clients/mwm/WmGlobal.h:1356:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fbSize[20];
data/motif-2.3.8/clients/mwm/WmGlobal.h:2348:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmpBuffer[MAXBUF]; /* replaces static buffers used */
data/motif-2.3.8/clients/mwm/WmGraphics.c:958:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy ((void *)pNewRect, (void *)prl->prect, count);
data/motif-2.3.8/clients/mwm/WmIconBox.c:866:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pWS->pSD->iconBoxSBDisplayPolicy, "all");
data/motif-2.3.8/clients/mwm/WmIconBox.c:2838:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pTmp, pIBD->IPD.placeList,
data/motif-2.3.8/clients/mwm/WmImage.c:920:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fileName[MAXWMPATH+1];
data/motif-2.3.8/clients/mwm/WmInitWs.c:426:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pch[80];
data/motif-2.3.8/clients/mwm/WmInitWs.c:1331:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[LENCBUFFER]; /* screen name & display name! */
data/motif-2.3.8/clients/mwm/WmInitWs.c:1332:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char displayName[LENCBUFFER];
data/motif-2.3.8/clients/mwm/WmInitWs.c:1435:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "%d", sNum);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1841:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (tmpptr, "/.dt/backdrops");
data/motif-2.3.8/clients/mwm/WmInitWs.c:1843:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (tmpptr, "/etc/dt/backdrops");
data/motif-2.3.8/clients/mwm/WmInitWs.c:1859:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (tmpptr, "/.dt/backdrops");
data/motif-2.3.8/clients/mwm/WmInitWs.c:1863:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (tmpptr, "/etc/dt/backdrops");
data/motif-2.3.8/clients/mwm/WmInitWs.c:2315:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf((char *)wmGD.screenNames[num],"%d",num%1000);
data/motif-2.3.8/clients/mwm/WmInitWs.c:2440:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/motif-2.3.8/clients/mwm/WmInitWs.c:2441:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char displayName[256];
data/motif-2.3.8/clients/mwm/WmInitWs.c:2609:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ks_ptr, repl_xref->new_name, new_len) ;
data/motif-2.3.8/clients/mwm/WmMain.c:192:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&wmGD.evLastButton, &event, sizeof (XButtonEvent));
data/motif-2.3.8/clients/mwm/WmMain.c:267:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)(XtMalloc ((unsigned int)(strlen (argv[0]) + 1)))))
data/motif-2.3.8/clients/mwm/WmMenu.c:1981:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_command_str[1024];
data/motif-2.3.8/clients/mwm/WmMenu.c:1982:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_funcargs[1024];
data/motif-2.3.8/clients/mwm/WmMenu.c:1998:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(new_funcargs, "%d %ld %ld", (int)tree->commandID,
data/motif-2.3.8/clients/mwm/WmMenu.c:2084:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char funcarg_buf[256];
data/motif-2.3.8/clients/mwm/WmMenu.c:2253:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(funcarg_buf, "%d %ld %ld", (int)tree->commandID,
data/motif-2.3.8/clients/mwm/WmMenu.c:4291:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pch[MAXWMPATH+1];
data/motif-2.3.8/clients/mwm/WmProperty.c:1099:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(unsigned char *)textList[0]);
data/motif-2.3.8/clients/mwm/WmProperty.c:1168:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (paWs,
data/motif-2.3.8/clients/mwm/WmProperty.c:1409:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (&pch[ix], "%d", pWS->backdrop.colorSet);
data/motif-2.3.8/clients/mwm/WmProperty.c:1414:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (&pch[ix], "0x%lx", pWS->backdrop.background);
data/motif-2.3.8/clients/mwm/WmProperty.c:1419:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (&pch[ix], "0x%lx", pWS->backdrop.foreground);
data/motif-2.3.8/clients/mwm/WmProperty.c:1424:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (&pch[ix], "0x%lx", pWS->backdrop.nameAtom);
data/motif-2.3.8/clients/mwm/WmProperty.c:1435:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (&pch[ix], "%d", count);
data/motif-2.3.8/clients/mwm/WmProperty.c:1445:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (&pch[ix], "0x%lx", pWS->backdrop.window);
data/motif-2.3.8/clients/mwm/WmProtocol.c:248:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wm_query_scr[32];
data/motif-2.3.8/clients/mwm/WmProtocol.c:250:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(wm_query_scr, "_MOTIF_WM_QUERY_%d",
data/motif-2.3.8/clients/mwm/WmProtocol.c:1195:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wm_scr[8];
data/motif-2.3.8/clients/mwm/WmProtocol.c:1197:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(wm_scr, "WM_S%d", DefaultScreen(DISPLAY));
data/motif-2.3.8/clients/mwm/WmResParse.c:133:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char cfileName[MAXWMPATH+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:148:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char line[MAXLINE+1]; /* line buffer */
data/motif-2.3.8/clients/mwm/WmResParse.c:1264:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pSD->totalSessionItems = atoi((char *)line);
data/motif-2.3.8/clients/mwm/WmResParse.c:1530:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((unsigned int) (strlen((char *)argv[xindex]) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:1540:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)argv[xindex]);
data/motif-2.3.8/clients/mwm/WmResParse.c:2044:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[MAXLOCALE];
data/motif-2.3.8/clients/mwm/WmResParse.c:2148:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileP = fopen (pConfigStackTop->tempName, "r");
data/motif-2.3.8/clients/mwm/WmResParse.c:2172:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (cfileName, "r")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:2194:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (cfileName, "r")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:2216:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (pch, "r")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:2225:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (wmGD.configFile, "r")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:2305:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (cfileName, "r")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:2343:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (cfileName, "r")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:2371:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (((fileP = fopen (cfileName, "r")) == NULL) && LANG && *LANG)
data/motif-2.3.8/clients/mwm/WmResParse.c:2379:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (cfileName, "r")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:2419:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (cfileName, "r")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:2439:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileP = fopen (cfileName, "r");
data/motif-2.3.8/clients/mwm/WmResParse.c:2441:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen (cfileName, "r"));
data/motif-2.3.8/clients/mwm/WmResParse.c:2451:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileP = fopen (cfileName, "r");
data/motif-2.3.8/clients/mwm/WmResParse.c:2453:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen (cfileName, "r"));
data/motif-2.3.8/clients/mwm/WmResParse.c:2470:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileP = fopen (cfileName, "r");
data/motif-2.3.8/clients/mwm/WmResParse.c:2472:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return (fopen (cfileName, "r"));
data/motif-2.3.8/clients/mwm/WmResParse.c:2487:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (cfileName, "r")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:2500:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileP = fopen (cfileName, "r");
data/motif-2.3.8/clients/mwm/WmResParse.c:2518:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileP = fopen (pConfigStackTop->cppName, "r");
data/motif-2.3.8/clients/mwm/WmResParse.c:4264:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char grpStr[MAX_GROUP_STRLEN+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:4808:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ctxStr[MAX_CONTEXT_STRLEN+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:6018:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char modStr[MAX_MODIFIER_STRLEN+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:6308:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char eventTypeStr[MAX_EVENTTYPE_STRLEN+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:6415:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keySymName[MAX_KEYSYM_STRLEN+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:6793:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pch[MAXWMPATH+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:6949:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pKS->pchFrom, pch0, pKS->lenFrom);
data/motif-2.3.8/clients/mwm/WmResParse.c:6978:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pKS->pchTo, pch0, len);
data/motif-2.3.8/clients/mwm/WmResParse.c:7092:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(!strncasecmp ((char *)pKeySub[i].pchFrom, (char *)pchFirst,
data/motif-2.3.8/clients/mwm/WmResParse.c:7092:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(!strncasecmp ((char *)pKeySub[i].pchFrom, (char *)pchFirst,
data/motif-2.3.8/clients/mwm/WmResParse.c:7104:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (destP, pchSub, lenSub);
data/motif-2.3.8/clients/mwm/WmResParse.c:7109:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (destP, pchFirst, startP-pchFirst);
data/motif-2.3.8/clients/mwm/WmResParse.c:7179:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lineP = (unsigned char *) argv[argnum];
data/motif-2.3.8/clients/mwm/WmResParse.c:7237:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
lineP = (unsigned char *)argv[*pArgnum];
data/motif-2.3.8/clients/mwm/WmResParse.c:7251:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
string = (unsigned char *)argv[*pArgnum];
data/motif-2.3.8/clients/mwm/WmResParse.c:7314:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[MAXWMPATH+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:7335:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (fileName, "r")) != NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:7337:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[MBBSIZ];
data/motif-2.3.8/clients/mwm/WmResParse.c:7505:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (pAP->szExecParms, "name=");
data/motif-2.3.8/clients/mwm/WmResParse.c:7514:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (pAP->szExecParms, "title=");
data/motif-2.3.8/clients/mwm/WmResParse.c:7602:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pchCmd[MAXWMPATH+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:7606:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (pchCmd, "/bin/rm ");
data/motif-2.3.8/clients/mwm/WmResParse.c:7614:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (pchCmd, "/bin/rm ");
data/motif-2.3.8/clients/mwm/WmResParse.c:7866:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pchCmd[MAXWMPATH+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:7879:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (pchCmd, "/bin/rm ");
data/motif-2.3.8/clients/mwm/WmResParse.c:7894:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cfileP = fopen (pPrev->tempName, "r");
data/motif-2.3.8/clients/mwm/WmResParse.c:7898:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cfileP = fopen (pPrev->cppName, "r");
data/motif-2.3.8/clients/mwm/WmResParse.c:7902:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cfileP = fopen (pPrev->fileName, "r");
data/motif-2.3.8/clients/mwm/WmResParse.c:7910:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[MAXWMPATH+1];
data/motif-2.3.8/clients/mwm/WmResParse.c:8078:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pchCmd[MAXWMPATH+1];
data/motif-2.3.8/clients/mwm/WmResource.c:199:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dsm[2048];
data/motif-2.3.8/clients/mwm/WmResource.c:397:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(dsm, "\n{\n");
data/motif-2.3.8/clients/mwm/WmResource.c:410:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(dsm, " no-label f.separator\n");
data/motif-2.3.8/clients/mwm/WmResource.c:420:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(dsm, " no-label f.separator\n");
data/motif-2.3.8/clients/mwm/WmResource.c:424:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(dsm, "\n}");
data/motif-2.3.8/clients/mwm/WmResource.c:5162:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
string = (unsigned char *) ppchWsNames[i];
data/motif-2.3.8/clients/mwm/WmResource.c:6073:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(XmColorData *)WmRealloc ((char *) defaultSet[setId],
data/motif-2.3.8/clients/mwm/WmWinConf.c:1564:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( (char *) &outline[SEGS_PER_DRAW], (char *) &outline[0],
data/motif-2.3.8/clients/mwm/WmWinInfo.c:2218:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[200];
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:62:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[STRSIZE]; /* The vile hacks we do in debugging code. */
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:71:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Number of Versions: %d\nVersions: ",
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:75:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "%d", (int) request->connect.known_versions[i]);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:77:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ptr, ", ");
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:89:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ptr, ", ");
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:94:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "No other data for this request.\n");
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:102:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Number of Windows with Info: %d\n",
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:110:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Window: 0x%lX\n", request->register_window.window);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:133:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[STRSIZE]; /* The vile hacks we do in debugging code. */
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:142:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Version: %d\n", (int) reply->connect.version);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:152:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ptr, ", ");
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:160:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Number of Windows with Info: %d\n",
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:168:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "No other data for this reply.\n");
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:175:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Number of Data Attributes: %d\n", num);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:216:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "Window: 0x%lX\nNumber of Data Attributes: %d\n",
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:273:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%c(%d)", win_data->data.char_ptr[i],
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:277:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%d", (int) win_data->data.short_ptr[i]);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:280:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%ld", win_data->data.long_ptr[i]);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:287:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, ", ");
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:320:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "Global Formats - Number: %d\n", num);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:325:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "Window Formats - Number: %d\n", num);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:330:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "Icon Formats - Number: %d\n", num);
data/motif-2.3.8/clients/mwm/WmWsmLib/disp.c:135:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[BUFSIZ];
data/motif-2.3.8/clients/mwm/WmXSMP.c:227:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *newDiscardCmd[4];
data/motif-2.3.8/clients/mwm/WmXSMP.c:257:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
buildDBFileName(char fileNameBuf[MAXPATHLEN], Boolean doingSave)
data/motif-2.3.8/clients/mwm/WmXSMP.c:392:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
numSuffix = atoi(ptr) + 1;
data/motif-2.3.8/clients/mwm/WmXSMP.c:393:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "%d", numSuffix);
data/motif-2.3.8/clients/mwm/WmXSMP.c:401:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(wmGD.dbFileName, ".0");
data/motif-2.3.8/clients/mwm/WmXSMP.c:590:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resourceBuf[MAX_RESOURCE_LEN];
data/motif-2.3.8/clients/mwm/WmXSMP.c:630:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->clientX = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:637:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->clientY = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:646:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ICON_X(pCD) = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:654:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ICON_Y(pCD) = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:663:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->clientWidth = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:671:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->clientHeight = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:766:3: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(atoi(clientScreen) != proxyClientInfo->screen))
data/motif-2.3.8/clients/mwm/WmXSMP.c:838:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->clientX = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:846:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->clientY = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:855:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ICON_X(pCD) = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:863:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ICON_Y(pCD) = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:872:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->clientWidth = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:880:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->clientHeight = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1049:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clientID[50];
data/motif-2.3.8/clients/mwm/WmXSMP.c:1061:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(clientID, "%d", clientIDNum);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resourceBuf[MAX_RESOURCE_LEN];
data/motif-2.3.8/clients/mwm/WmXSMP.c:1197:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbFileName[MAXPATHLEN];
data/motif-2.3.8/clients/mwm/WmXSMP.c:1214:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbFileName[MAXPATHLEN];
data/motif-2.3.8/clients/mwm/WmXSMP.c:1228:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(dbFileName, "w")) == (FILE *)NULL)
data/motif-2.3.8/clients/mwm/WmXSMP.c:1333:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resourceBuf[MAX_RESOURCE_LEN];
data/motif-2.3.8/clients/mwm/WmXSMP.c:1354:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->pWsList[i].iconX = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1363:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->pWsList[i].iconY = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1388:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->pWsList[i].iconX = atoi(resourcePtr);
data/motif-2.3.8/clients/mwm/WmXSMP.c:1397:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pCD->pWsList[i].iconY = atoi(resourcePtr);
data/motif-2.3.8/clients/uil/UilCmd.c:122:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rac_arg_value[ ];
data/motif-2.3.8/clients/uil/UilCmd.c:125:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *include_list [Uil_k_max_include_dir_count];
data/motif-2.3.8/clients/uil/UilCmd.c:332:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (Uil_cmd_z_command.ac_resource_file,"a.uid");
data/motif-2.3.8/clients/uil/UilDB.c:864:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dbfile = fopen (resolvedname, "r");
data/motif-2.3.8/clients/uil/UilDiags.c:191:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg_buffer[132]; /* buffer to construct message */
data/motif-2.3.8/clients/uil/UilDiags.c:192:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptr_buffer[buf_size]; /* buffer to construct pointer */
data/motif-2.3.8/clients/uil/UilDiags.c:193:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char loc_buffer[132]; /* buffer to construct location */
data/motif-2.3.8/clients/uil/UilDiags.c:194:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src_buffer[buf_size]; /* buffer to hold source line */
data/motif-2.3.8/clients/uil/UilDiags.c:1009:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char XmConst success_text[1] = "";
data/motif-2.3.8/clients/uil/UilDiags.c:1010:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char XmConst info_text[7] = "Info: ";
data/motif-2.3.8/clients/uil/UilDiags.c:1011:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char XmConst warning_text[10] = "Warning: ";
data/motif-2.3.8/clients/uil/UilDiags.c:1012:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char XmConst error_text[8] = "Error: ";
data/motif-2.3.8/clients/uil/UilDiags.c:1013:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char XmConst severe_text[9] = "Severe: ";
data/motif-2.3.8/clients/uil/UilIODef.h:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expanded_name[ 256 ];
data/motif-2.3.8/clients/uil/UilLexAna.c:90:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c_text[ 1 ];
data/motif-2.3.8/clients/uil/UilLexAna.c:874:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char class_table[ 256 ] =
data/motif-2.3.8/clients/uil/UilLexAna.c:948:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char punc_char[tok_punc_token_num] = {
data/motif-2.3.8/clients/uil/UilLexAna.c:973:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char punc2_char[2] = {'<', '>'};
data/motif-2.3.8/clients/uil/UilLexAna.c:1183:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char c_bslash_char[10] = {
data/motif-2.3.8/clients/uil/UilLexAna.c:1185:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char ab_bslash_value[9] =
data/motif-2.3.8/clients/uil/UilLexAna.c:2345:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c_buffer[l_max_lex_buffer_pos +2];
data/motif-2.3.8/clients/uil/UilLstLst.c:75:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
externaldef(uil_comp_glbl) char Uil_lst_c_title2[132];
data/motif-2.3.8/clients/uil/UilLstLst.c:80:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lst_c_title1[132];
data/motif-2.3.8/clients/uil/UilLstLst.c:258:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
az_fcb->az_file_ptr = fopen(Uil_cmd_z_command.ac_listing_file, "w");
data/motif-2.3.8/clients/uil/UilLstLst.c:420:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src_buffer[ src_k_max_source_line_length+12 ];
data/motif-2.3.8/clients/uil/UilLstLst.c:447:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(src_buffer, "%5d (%d)\t",
data/motif-2.3.8/clients/uil/UilLstLst.c:510:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer [132];
data/motif-2.3.8/clients/uil/UilLstLst.c:558:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[132];
data/motif-2.3.8/clients/uil/UilLstLst.c:675:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[ BUF_LEN + 1 ], * text_ptr,
data/motif-2.3.8/clients/uil/UilLstLst.c:708:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ((char *)hex_longword, "%04X", code_offset);
data/motif-2.3.8/clients/uil/UilLstLst.c:736:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ((char *)hex_longword, "%lX", (* code_ptr));
data/motif-2.3.8/clients/uil/UilLstLst.c:739:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ((char *)hex_longword, "%08lX", (* code_ptr));
data/motif-2.3.8/clients/uil/UilLstLst.c:752:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ((char *)hex_longword, "%04X", code_offset);
data/motif-2.3.8/clients/uil/UilLstLst.c:788:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ((char *)hex_longword, "%lX", (* code_ptr));
data/motif-2.3.8/clients/uil/UilLstLst.c:791:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ((char *)hex_longword, "%08lX", (*code_ptr));
data/motif-2.3.8/clients/uil/UilLstLst.c:803:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char extra_bytes [sizeof (long)];
data/motif-2.3.8/clients/uil/UilLstLst.c:809:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ((char *)
data/motif-2.3.8/clients/uil/UilLstLst.c:813:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ((char *)
data/motif-2.3.8/clients/uil/UilLstLst.c:882:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[ src_k_max_source_line_length + 3 ];
data/motif-2.3.8/clients/uil/UilLstLst.c:977:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[132];
data/motif-2.3.8/clients/uil/UilLstMac.c:188:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer [132];
data/motif-2.3.8/clients/uil/UilLstMac.c:199:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "Resource ID: %08lX", widget_entry->resource_id);
data/motif-2.3.8/clients/uil/UilLstMac.c:223:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "size: %d", w_rec->size);
data/motif-2.3.8/clients/uil/UilLstMac.c:242:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "locked: ");
data/motif-2.3.8/clients/uil/UilLstMac.c:245:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buffer, "true");
data/motif-2.3.8/clients/uil/UilLstMac.c:247:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buffer, "false");
data/motif-2.3.8/clients/uil/UilLstMac.c:256:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "type: ");
data/motif-2.3.8/clients/uil/UilLstMac.c:267:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "no name specified");
data/motif-2.3.8/clients/uil/UilLstMac.c:269:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "name: offset %X (hex)",
data/motif-2.3.8/clients/uil/UilLstMac.c:282:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "class: builtin");
data/motif-2.3.8/clients/uil/UilLstMac.c:284:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "class: offset %X (hex)",
data/motif-2.3.8/clients/uil/UilLstMac.c:297:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "no argument list");
data/motif-2.3.8/clients/uil/UilLstMac.c:299:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "argument list offset: %X (hex)", w_rec->arglist_offs);
data/motif-2.3.8/clients/uil/UilLstMac.c:311:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "no children");
data/motif-2.3.8/clients/uil/UilLstMac.c:313:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "children list offset: %X (hex)",
data/motif-2.3.8/clients/uil/UilLstMac.c:326:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "no comment specified");
data/motif-2.3.8/clients/uil/UilLstMac.c:328:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "comment: offset %X (hex)",
data/motif-2.3.8/clients/uil/UilLstMac.c:341:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "no creation callback");
data/motif-2.3.8/clients/uil/UilLstMac.c:343:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "creation callback offset: %X (hex)",
data/motif-2.3.8/clients/uil/UilLstMac.c:392:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer [132], * ptr;
data/motif-2.3.8/clients/uil/UilLstMac.c:446:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "argument count: %d", argdesc->count);
data/motif-2.3.8/clients/uil/UilLstMac.c:455:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "related argument count: %d", argdesc->extra);
data/motif-2.3.8/clients/uil/UilLstMac.c:495:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "(%d) no tag offset", j);
data/motif-2.3.8/clients/uil/UilLstMac.c:497:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "(%d) tag offset: %X (hex)",
data/motif-2.3.8/clients/uil/UilLstMac.c:520:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "(%d) ", j);
data/motif-2.3.8/clients/uil/UilLstMac.c:543:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "floating point value: %g", (* dptr));
data/motif-2.3.8/clients/uil/UilLstMac.c:557:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "Single float value: %g", (* fptr));
data/motif-2.3.8/clients/uil/UilLstMac.c:583:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "callback count: %d", cb_desc_ptr->count);
data/motif-2.3.8/clients/uil/UilLstMac.c:600:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer,
data/motif-2.3.8/clients/uil/UilLstMac.c:636:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "(%d) value: ", j);
data/motif-2.3.8/clients/uil/UilLstMac.c:657:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "resource descriptor, size: %d",
data/motif-2.3.8/clients/uil/UilLstMac.c:679:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "index, offset: %X (hex)",
data/motif-2.3.8/clients/uil/UilLstMac.c:688:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "resource ID, offset: %X (hex)",
data/motif-2.3.8/clients/uil/UilLstMac.c:696:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "unknown resource type");
data/motif-2.3.8/clients/uil/UilLstMac.c:734:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "resource id");
data/motif-2.3.8/clients/uil/UilLstMac.c:753:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "Children count: %d",
data/motif-2.3.8/clients/uil/UilLstMac.c:789:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "(%d) managed", j);
data/motif-2.3.8/clients/uil/UilLstMac.c:791:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "(%d) unmanaged", j);
data/motif-2.3.8/clients/uil/UilLstMac.c:813:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "(%d) index, offset: %X (hex)",
data/motif-2.3.8/clients/uil/UilLstMac.c:828:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer,
data/motif-2.3.8/clients/uil/UilLstMac.c:845:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "(%d) unknown class", j);
data/motif-2.3.8/clients/uil/UilLstMac.c:909:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer [132], * rc_buffer;
data/motif-2.3.8/clients/uil/UilLstMac.c:915:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "Resource ID: %08lX", value_entry->resource_id);
data/motif-2.3.8/clients/uil/UilLstMac.c:941:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buffer, "true");
data/motif-2.3.8/clients/uil/UilLstMac.c:943:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (buffer, "false");
data/motif-2.3.8/clients/uil/UilLstMac.c:960:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "value: true");
data/motif-2.3.8/clients/uil/UilLstMac.c:962:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "value: false");
data/motif-2.3.8/clients/uil/UilLstMac.c:971:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "value: %ld",
data/motif-2.3.8/clients/uil/UilLstMac.c:985:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "value[%d]: %ld",
data/motif-2.3.8/clients/uil/UilLstMac.c:998:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "value: %g",
data/motif-2.3.8/clients/uil/UilLstMac.c:1005:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "value: %g",
data/motif-2.3.8/clients/uil/UilLstMac.c:1045:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "count: %d", tv_ptr->count);
data/motif-2.3.8/clients/uil/UilLstMac.c:1112:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "(%d) unknown text entry", i);
data/motif-2.3.8/clients/uil/UilLstMac.c:1135:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "unknown value");
data/motif-2.3.8/clients/uil/UilLstMac.c:1189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer [132];
data/motif-2.3.8/clients/uil/UilLstMac.c:1203:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "topmost count: %d", m_rec->count);
data/motif-2.3.8/clients/uil/UilLstMac.c:1587:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "value: %d", argval_ptr->datum.ival);
data/motif-2.3.8/clients/uil/UilLstMac.c:1592:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "value: true");
data/motif-2.3.8/clients/uil/UilLstMac.c:1594:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "value: false");
data/motif-2.3.8/clients/uil/UilLstMac.c:1605:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "offset: %X (hex)", argval_ptr->datum.offset);
data/motif-2.3.8/clients/uil/UilLstMac.c:1612:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "offset: %X (hex)", argval_ptr->datum.offset);
data/motif-2.3.8/clients/uil/UilLstMac.c:1617:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "offset: %X (hex)", argval_ptr->datum.offset);
data/motif-2.3.8/clients/uil/UilLstMac.c:1622:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "offset: %X (hex)", argval_ptr->datum.offset);
data/motif-2.3.8/clients/uil/UilLstMac.c:1627:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "offset: %X (hex)", argval_ptr->datum.offset);
data/motif-2.3.8/clients/uil/UilLstMac.c:1632:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "value unknown");
data/motif-2.3.8/clients/uil/UilMain.c:326:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *rac_argv[ ];
data/motif-2.3.8/clients/uil/UilMain.c:659:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp, s2, n);
data/motif-2.3.8/clients/uil/UilMain.c:660:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s1, temp, n);
data/motif-2.3.8/clients/uil/UilMain.c:667:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return((char *)memcpy(s1, s2, n));
data/motif-2.3.8/clients/uil/UilMessTab.h:33:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg0[36] = "duplicate option \"%s\" was ignored";
data/motif-2.3.8/clients/uil/UilMessTab.h:34:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg1[34] = "unknown option \"%s\" was ignored";
data/motif-2.3.8/clients/uil/UilMessTab.h:35:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg2[43] = "additional UIL source file: %s was ignored";
data/motif-2.3.8/clients/uil/UilMessTab.h:36:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg3[30] = "error opening source file: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:37:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg4[43] = "error reading next line of source file: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:38:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg5[19] = "Internal error: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:39:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg6[32] = "line truncated at %d characters";
data/motif-2.3.8/clients/uil/UilMessTab.h:40:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg7[31] = "value of %s is out of range %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:41:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg8[21] = "%s not terminated %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:42:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg9[37] = "unprintable character \\%d\\ ignored";
data/motif-2.3.8/clients/uil/UilMessTab.h:43:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg10[32] = "unknown sequence \"%s\" ignored";
data/motif-2.3.8/clients/uil/UilMessTab.h:44:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg11[46] = "unknown escape sequence \"\\%c\" - \\ ignored";
data/motif-2.3.8/clients/uil/UilMessTab.h:45:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg12[46] = "name exceeds %d characters - truncated to: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:46:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg13[35] = "compiler ran out of virtual memory";
data/motif-2.3.8/clients/uil/UilMessTab.h:47:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg14[56] = "unexpected %s token seen - parsing resumes after \"%c\"";
data/motif-2.3.8/clients/uil/UilMessTab.h:48:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg15[44] = "%s %s must be defined before this reference";
data/motif-2.3.8/clients/uil/UilMessTab.h:49:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg16[41] = "context requires a %s - %s was specified";
data/motif-2.3.8/clients/uil/UilMessTab.h:50:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg17[26] = "%s is not implemented yet";
data/motif-2.3.8/clients/uil/UilMessTab.h:51:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg18[39] = "found %s value when expecting %s value";
data/motif-2.3.8/clients/uil/UilMessTab.h:52:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg19[45] = "the %s %s is not supported for the %s object";
data/motif-2.3.8/clients/uil/UilMessTab.h:53:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg20[62] = "this %s %s is superseded by the last definition in this %s %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:54:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg21[33] = "name %s previously defined as %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:55:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg22[43] = "value used in this context must be private";
data/motif-2.3.8/clients/uil/UilMessTab.h:56:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg23[55] = "procedure %s was previously declared with %d arguments";
data/motif-2.3.8/clients/uil/UilMessTab.h:57:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg24[56] = "found %s value - procedure %s argument must be %s value";
data/motif-2.3.8/clients/uil/UilMessTab.h:58:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg25[33] = "found %s %s when expecting %s %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:59:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg26[24] = "%s %s was never defined";
data/motif-2.3.8/clients/uil/UilMessTab.h:60:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg27[39] = "%s %s already specified for this %s %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:61:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg28[29] = "%s item not allowed in %s %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:62:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg29[45] = "compilation terminated - fix previous errors";
data/motif-2.3.8/clients/uil/UilMessTab.h:63:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg30[38] = "internal error - submit defect report";
data/motif-2.3.8/clients/uil/UilMessTab.h:64:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg31[2] = " ";
data/motif-2.3.8/clients/uil/UilMessTab.h:65:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg32[35] = "%s missing following \"%s\" option";
data/motif-2.3.8/clients/uil/UilMessTab.h:66:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg33[31] = "error opening listing file: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:67:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg34[34] = "error writing to listing file: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:68:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg35[51] = "invalid module structure - check UIL module syntax";
data/motif-2.3.8/clients/uil/UilMessTab.h:69:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg36[31] = "too many source files open: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:70:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg37[38] = "source line contains a null character";
data/motif-2.3.8/clients/uil/UilMessTab.h:71:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg38[45] = "errors: %d warnings: %d informationals: %d";
data/motif-2.3.8/clients/uil/UilMessTab.h:72:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg39[27] = "error opening UID file: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:73:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg40[25] = "no UID file was produced";
data/motif-2.3.8/clients/uil/UilMessTab.h:74:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg41[53] = "creation procedure is not supported by the %s widget";
data/motif-2.3.8/clients/uil/UilMessTab.h:75:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg42[59] = "creation procedure is not allowed in a %s widget reference";
data/motif-2.3.8/clients/uil/UilMessTab.h:76:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg43[58] = "creation procedure is required in a %s widget declaration";
data/motif-2.3.8/clients/uil/UilMessTab.h:77:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg44[46] = "a NULL character in a string is not supported";
data/motif-2.3.8/clients/uil/UilMessTab.h:78:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg45[43] = "widget %s is part of a circular definition";
data/motif-2.3.8/clients/uil/UilMessTab.h:79:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg46[25] = "no source file specified";
data/motif-2.3.8/clients/uil/UilMessTab.h:80:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg47[35] = "%s %s supports only a single %s %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:81:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg48[41] = "%s widget supports only a single control";
data/motif-2.3.8/clients/uil/UilMessTab.h:82:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg49[22] = "unknown character set";
data/motif-2.3.8/clients/uil/UilMessTab.h:83:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg50[47] = "place names clause before other module clauses";
data/motif-2.3.8/clients/uil/UilMessTab.h:84:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg51[47] = "color letter string must be a single character";
data/motif-2.3.8/clients/uil/UilMessTab.h:85:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg52[48] = "color letter used for prior color in this table";
data/motif-2.3.8/clients/uil/UilMessTab.h:86:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg53[37] = "row %d must have same width as row 1";
data/motif-2.3.8/clients/uil/UilMessTab.h:87:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg54[52] = "row %d, column %d: letter \"%c\" not in color table";
data/motif-2.3.8/clients/uil/UilMessTab.h:88:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg55[32] = "too many %ss in %s, limit is %d";
data/motif-2.3.8/clients/uil/UilMessTab.h:89:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg56[48] = "Subqualifier not allowed with negated qualifier";
data/motif-2.3.8/clients/uil/UilMessTab.h:90:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg57[60] = "%s gadget is not supported - %s widget will be used instead";
data/motif-2.3.8/clients/uil/UilMessTab.h:91:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg58[28] = "%s type is not valid for %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:92:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg59[66] = "support for this character set may be removed in a future release";
data/motif-2.3.8/clients/uil/UilMessTab.h:93:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg60[49] = "the %s constraint is not supported for the %s %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:94:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg61[37] = "too many \"%s\" options, limit is %d";
data/motif-2.3.8/clients/uil/UilMessTab.h:95:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg62[30] = "error closing source file: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:96:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg63[35] = "the %s value is circularly defined";
data/motif-2.3.8/clients/uil/UilMessTab.h:97:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg64[28] = "overriding built-in name %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:98:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg65[51] = "the %s argument does not support enumerated values";
data/motif-2.3.8/clients/uil/UilMessTab.h:99:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg66[57] = "the %s argument does not support the %s enumerated value";
data/motif-2.3.8/clients/uil/UilMessTab.h:100:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg67[40] = "$LANG contains an unknown character set";
data/motif-2.3.8/clients/uil/UilMessTab.h:101:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg68[66] = "the %s object's controls hierarchy contains a reference to itself";
data/motif-2.3.8/clients/uil/UilMessTab.h:102:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg69[41] = "value %s is too large for context buffer";
data/motif-2.3.8/clients/uil/UilMessTab.h:103:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg70[42] = "forward referencing is not allowed for %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:104:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg71[34] = "cannot convert %s type to %s type";
data/motif-2.3.8/clients/uil/UilMessTab.h:105:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg72[14] = "%s is invalid";
data/motif-2.3.8/clients/uil/UilMessTab.h:106:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg73[30] = "error reading binary database";
data/motif-2.3.8/clients/uil/UilMessTab.h:107:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg74[47] = "binary database compiled with a future version";
data/motif-2.3.8/clients/uil/UilMessTab.h:108:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg75[32] = "error opening database file: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:109:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg76[27] = "error writing UID file: %s";
data/motif-2.3.8/clients/uil/UilMessTab.h:110:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg77[45] = "'%s' is an unknown Toolkit class record name";
data/motif-2.3.8/clients/uil/UilMessTab.h:111:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg78[26] = "invalid include file name";
data/motif-2.3.8/clients/uil/UilMessTab.h:112:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg79[49] = "incompatible unit types for arithmetic operation";
data/motif-2.3.8/clients/uil/UilMessTab.h:113:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XmConst msg80[54] = "%s used as charset name; %s used as charset component";
data/motif-2.3.8/clients/uil/UilP2Out.c:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result_file[256];
data/motif-2.3.8/clients/uil/UilP2Out.c:631:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/motif-2.3.8/clients/uil/UilP2Out.c:671:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "widget-%d-%d-%d",
data/motif-2.3.8/clients/uil/UilP2Out.c:2943:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[132];
data/motif-2.3.8/clients/uil/UilSemCSet.c:270:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uname[200]; /* upper-case character set name */
data/motif-2.3.8/clients/uil/UilSemVal.c:218:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *operator_symbol[ ] = {
data/motif-2.3.8/clients/uil/UilSemVal.c:238:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *value_text[ ] = {
data/motif-2.3.8/clients/uil/UilSrcDef.h:92:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_text[ 1 ];
data/motif-2.3.8/clients/uil/UilSrcDef.h:106:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_data[ 1 ]; /* byte alias for data */
data/motif-2.3.8/clients/uil/UilSrcDef.h:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_text[ src_k_max_source_line_length+1];
data/motif-2.3.8/clients/uil/UilSrcSrc.c:610:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/motif-2.3.8/clients/uil/UilSrcSrc.c:642:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
az_fcb->az_file_ptr = fopen(c_file_name, "r");
data/motif-2.3.8/clients/uil/UilSrcSrc.c:667:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
az_fcb->az_file_ptr = fopen (buffer, "r");
data/motif-2.3.8/clients/uil/UilSrcSrc.c:699:28: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
az_fcb->az_file_ptr = fopen (buffer, "r");
data/motif-2.3.8/clients/uil/UilSrcSrc.c:713:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
az_fcb->az_file_ptr = fopen (buffer, "r");
data/motif-2.3.8/clients/uil/UilSymDef.h:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b_value[ 1 ];
data/motif-2.3.8/clients/uil/UilSymDef.h:187:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_text[ 1 ];
data/motif-2.3.8/clients/uil/UilSymDef.h:857:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[255];
data/motif-2.3.8/clients/uil/UilSymDef.h:860:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char full_file_name[255];
data/motif-2.3.8/clients/uil/UilSymDef.h:877:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[255];
data/motif-2.3.8/clients/uil/UilSymDef.h:879:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char full_file_name[255];
data/motif-2.3.8/clients/uil/UilSymStor.c:1695:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_buffer[ 71 ];
data/motif-2.3.8/config/util/checktree.c:160:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "RCS/");
data/motif-2.3.8/config/util/checktree.c:267:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "RCS/");
data/motif-2.3.8/config/util/checktree.c:269:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(p, ",v");
data/motif-2.3.8/config/util/checktree.c:311:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/motif-2.3.8/config/util/lndir.c:184:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXPATHLEN + 1], *p;
data/motif-2.3.8/config/util/lndir.c:185:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char symbuf[MAXPATHLEN + 1];
data/motif-2.3.8/config/util/lndir.c:186:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basesym[MAXPATHLEN + 1];
data/motif-2.3.8/config/util/lndir.c:199:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (buf, "../");
data/motif-2.3.8/config/util/makestrs.c:210:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/motif-2.3.8/config/util/makestrs.c:225:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/motif-2.3.8/config/util/makestrs.c:245:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen (phile->name, "w+")) == NULL) exit (1);
data/motif-2.3.8/config/util/makestrs.c:415:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmpl = fopen (ctmplstr, "r");
data/motif-2.3.8/config/util/makestrs.c:456:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[1024];
data/motif-2.3.8/config/util/makestrs.c:554:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((filecurrent->tmpl = fopen (buf + strlen (htmpl_str) + 1, "r")) == NULL) {
data/motif-2.3.8/config/util/makestrs.c:677:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/motif-2.3.8/config/util/makestrs.c:690:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen (argv[i], "r");
data/motif-2.3.8/demos/doc/programGuide/ch05/Scale/interface.c:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char help_string[400];
data/motif-2.3.8/demos/doc/programGuide/ch05/Scale/interface.c:104:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(help_string,
data/motif-2.3.8/demos/doc/programGuide/ch05/Scale/tic_mark.c:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tic_name[10];
data/motif-2.3.8/demos/doc/programGuide/ch05/Scale/tic_mark.c:113:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tic_name, "tic_%d", i);
data/motif-2.3.8/demos/doc/programGuide/ch06/combo_box/interface.c:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char help_string[400];
data/motif-2.3.8/demos/doc/programGuide/ch06/combo_box/interface.c:105:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(help_string,
data/motif-2.3.8/demos/doc/programGuide/ch06/spin_box/interface.c:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char help_string[400];
data/motif-2.3.8/demos/doc/programGuide/ch06/spin_box/interface.c:105:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(help_string,
data/motif-2.3.8/demos/doc/programGuide/ch06/spin_box/spin_box.c:65:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *months[NUM_MONTHS] =
data/motif-2.3.8/demos/doc/programGuide/ch06/spin_box/spin_box.c:71:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *letters[NUM_LETTERS] =
data/motif-2.3.8/demos/doc/programGuide/ch08/Container/interface.c:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char help_string[400];
data/motif-2.3.8/demos/doc/programGuide/ch08/Container/interface.c:105:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(help_string,
data/motif-2.3.8/demos/doc/programGuide/ch08/Notebook/interface.c:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char help_string[400];
data/motif-2.3.8/demos/doc/programGuide/ch08/Notebook/interface.c:105:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(help_string,
data/motif-2.3.8/demos/doc/programGuide/ch08/Notebook/notebook.c:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[80];
data/motif-2.3.8/demos/doc/programGuide/ch08/Notebook/notebook.c:76:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *info[PAGES_IN_NOTEBOOK+1] = {
data/motif-2.3.8/demos/doc/programGuide/ch16/UTMXmText.c:347:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char help_string[500];
data/motif-2.3.8/demos/doc/programGuide/ch16/UTMXmText.c:352:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(help_string,
data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drag/simple_drag.c:186:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ValueAsAString[10];
data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drag/simple_drag.c:193:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ValueAsAString, "%d", value);
data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drag/simple_drag.c:197:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(passtext, ctext, strlen(ctext)+1);
data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drag/simple_drag.c:276:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char help_string[500];
data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drag/simple_drag.c:281:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(help_string,
data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drop/simple_drop.c:335:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char help_string[400];
data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drop/simple_drop.c:340:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(help_string,
data/motif-2.3.8/demos/lib/Exm/MenuB.c:561:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mnemonic_str[2];
data/motif-2.3.8/demos/lib/Exm/Panner.c:1107:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val *= atoi (cp);
data/motif-2.3.8/demos/lib/Exm/StringTrans.c:976:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*value, text_prop.value, text_prop.nitems + 1);
data/motif-2.3.8/demos/lib/Exm/StringTrans.c:1007:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*value, text_prop.value, text_prop.nitems + 1);
data/motif-2.3.8/demos/lib/Exm/StringTrans.c:1034:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(*value, text_prop.value, text_prop.nitems + 1);
data/motif-2.3.8/demos/lib/Exm/StringTrans.c:1176:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(string, ss -> value, ss -> length);
data/motif-2.3.8/demos/lib/Exm/wml/wmldbcreate.c:98:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfilename[80];
data/motif-2.3.8/demos/lib/Exm/wml/wmldbcreate.c:99:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debugfilename[80];
data/motif-2.3.8/demos/lib/Exm/wml/wmldbcreate.c:107:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(outfilename, "motif.wmd");
data/motif-2.3.8/demos/lib/Exm/wml/wmldbcreate.c:108:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(debugfilename, "motif.dbg");
data/motif-2.3.8/demos/lib/Exm/wml/wmldbcreate.c:122:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bfile = fopen(outfilename, "w");
data/motif-2.3.8/demos/lib/Exm/wml/wmldbcreate.c:130:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
afile = fopen(debugfilename, "w");
data/motif-2.3.8/demos/lib/Wsm/debug.c:62:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[STRSIZE]; /* The vile hacks we do in debugging code. */
data/motif-2.3.8/demos/lib/Wsm/debug.c:71:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Number of Versions: %d\nVersions: ",
data/motif-2.3.8/demos/lib/Wsm/debug.c:75:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "%d", (int) request->connect.known_versions[i]);
data/motif-2.3.8/demos/lib/Wsm/debug.c:77:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ptr, ", ");
data/motif-2.3.8/demos/lib/Wsm/debug.c:89:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ptr, ", ");
data/motif-2.3.8/demos/lib/Wsm/debug.c:94:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "No other data for this request.\n");
data/motif-2.3.8/demos/lib/Wsm/debug.c:102:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Number of Windows with Info: %d\n",
data/motif-2.3.8/demos/lib/Wsm/debug.c:110:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Window: 0x%X\n", (unsigned)request->register_window.window);
data/motif-2.3.8/demos/lib/Wsm/debug.c:134:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[STRSIZE]; /* The vile hacks we do in debugging code. */
data/motif-2.3.8/demos/lib/Wsm/debug.c:143:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Version: %d\n", (int) reply->connect.version);
data/motif-2.3.8/demos/lib/Wsm/debug.c:153:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(ptr, ", ");
data/motif-2.3.8/demos/lib/Wsm/debug.c:161:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Number of Windows with Info: %d\n",
data/motif-2.3.8/demos/lib/Wsm/debug.c:169:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "No other data for this reply.\n");
data/motif-2.3.8/demos/lib/Wsm/debug.c:176:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ptr, "Number of Data Attributes: %d\n", num);
data/motif-2.3.8/demos/lib/Wsm/debug.c:218:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "Window: 0x%X\nNumber of Data Attributes: %d\n",
data/motif-2.3.8/demos/lib/Wsm/debug.c:275:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%c(%d)", win_data->data.char_ptr[i],
data/motif-2.3.8/demos/lib/Wsm/debug.c:279:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%d", (int) win_data->data.short_ptr[i]);
data/motif-2.3.8/demos/lib/Wsm/debug.c:282:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%ld", win_data->data.long_ptr[i]);
data/motif-2.3.8/demos/lib/Wsm/debug.c:290:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(str, ", ");
data/motif-2.3.8/demos/lib/Wsm/debug.c:323:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "Global Formats - Number: %d\n", num);
data/motif-2.3.8/demos/lib/Wsm/debug.c:328:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "Window Formats - Number: %d\n", num);
data/motif-2.3.8/demos/lib/Wsm/debug.c:333:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "Icon Formats - Number: %d\n", num);
data/motif-2.3.8/demos/lib/Wsm/disp.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[BUFSIZ];
data/motif-2.3.8/demos/lib/Wsm/disp.c:194:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[BUFSIZ];
data/motif-2.3.8/demos/lib/Xmd/Help.c:750:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[256];
data/motif-2.3.8/demos/lib/Xmd/Help.c:794:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
input = fopen(full_pathname, "r");
data/motif-2.3.8/demos/lib/Xmd/Help.c:938:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[2];
data/motif-2.3.8/demos/lib/Xmd/Menus.c:247:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/motif-2.3.8/demos/lib/Xmd/Print.c:211:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20];
data/motif-2.3.8/demos/lib/Xmd/Print.c:445:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", nw -> print.from_page);
data/motif-2.3.8/demos/lib/Xmd/Print.c:448:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", nw -> print.to_page);
data/motif-2.3.8/demos/lib/Xmd/Print.c:451:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", nw -> print.number_of_copies);
data/motif-2.3.8/demos/lib/Xmd/Print.c:507:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/motif-2.3.8/demos/lib/Xmd/Print.c:522:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", nw -> print.from_page);
data/motif-2.3.8/demos/lib/Xmd/Print.c:527:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", nw -> print.to_page);
data/motif-2.3.8/demos/lib/Xmd/Print.c:532:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", nw -> print.number_of_copies);
data/motif-2.3.8/demos/lib/Xmd/Print.c:556:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/motif-2.3.8/demos/lib/Xmd/Print.c:672:21: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cbstruct.copies = atol(temp);
data/motif-2.3.8/demos/lib/Xmd/Print.c:681:22: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cbstruct.first = atol(temp);
data/motif-2.3.8/demos/lib/Xmd/Print.c:685:21: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cbstruct.last = atol(temp);
data/motif-2.3.8/demos/lib/Xmd/Print.c:862:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[1024];
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:353:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:355:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Unknown Protocol request %d.",event->any_event.type);
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:474:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:475:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"Unknown Protocol request %d.",event->any_event.type);
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:826:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:1717:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptr[BUFSIZ];
data/motif-2.3.8/demos/programs/ButtonBox/bboxdemo.c:112:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
margin = atoi(val);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:583:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t emptyStrWcs[1];
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1911:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1911:36: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1923:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Comment[BUFSIZ];
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2352:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curbuf[BUFSIZ]; /* current buffer */
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2836:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _reverse_byte[0x100] = {
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2948:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _lomask[0x09] = {
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2950:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _himask[0x09] = {
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:3343:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:3575:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
free((char *)colorTable[a]);
data/motif-2.3.8/demos/programs/Exm/app_in_c/exm_in_c.c:151:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char menu_button_name[24];
data/motif-2.3.8/demos/programs/Exm/app_in_c/exm_in_c.c:228:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(menu_button_name, "Menu Button %d", menu_num);
data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c:286:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c:386:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, ".%d", players[playernum].average);
data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c:390:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", players[playernum].at_bats);
data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c:394:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", players[playernum].runs);
data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c:398:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", players[playernum].hits);
data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c:402:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", players[playernum].home_runs);
data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c:406:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", players[playernum].rbi);
data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c:554:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i1 = atoi(str1);
data/motif-2.3.8/demos/programs/Ext18List/callbacks-c.c:555:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i2 = atoi(str2);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:583:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t emptyStrWcs[1];
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1911:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1911:36: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1923:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Comment[BUFSIZ];
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2352:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curbuf[BUFSIZ]; /* current buffer */
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2836:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _reverse_byte[0x100] = {
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2948:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _lomask[0x09] = {
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2950:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _himask[0x09] = {
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:3343:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:3575:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
free((char *)colorTable[a]);
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char place_str[50];
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:123:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message_string[BUFSIZ];
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:134:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(place_str, "XmIconTop");
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:137:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(place_str, "XmIconLeft");
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:140:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(place_str, "XmIconRight");
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:143:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(place_str, "XmIconBottom");
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:146:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(place_str, "XmIconOnly");
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:150:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(place_str, "XmIconNone");
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:160:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(place_str, "not applicable");
data/motif-2.3.8/demos/programs/IconB/iconbuttondemo.c:165:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(place_str, "not applicable");
data/motif-2.3.8/demos/programs/IconB/misc.c:553:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t emptyStrWcs[1];
data/motif-2.3.8/demos/programs/IconB/misc.c:1885:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/motif-2.3.8/demos/programs/IconB/misc.c:1885:36: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/motif-2.3.8/demos/programs/IconB/misc.c:1897:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Comment[BUFSIZ];
data/motif-2.3.8/demos/programs/IconB/misc.c:2324:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curbuf[BUFSIZ]; /* current buffer */
data/motif-2.3.8/demos/programs/IconB/misc.c:2808:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _reverse_byte[0x100] = {
data/motif-2.3.8/demos/programs/IconB/misc.c:2920:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _lomask[0x09] = {
data/motif-2.3.8/demos/programs/IconB/misc.c:2922:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _himask[0x09] = {
data/motif-2.3.8/demos/programs/IconB/misc.c:3315:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/demos/programs/IconB/misc.c:3547:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
free((char *)colorTable[a]);
data/motif-2.3.8/demos/programs/Outline/outline.c:305:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30];
data/motif-2.3.8/demos/programs/Outline/outline.c:306:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer, "New Child %d", count++);
data/motif-2.3.8/demos/programs/Outline/outline.c:489:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:594:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t emptyStrWcs[1];
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:1968:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Comment[BUFSIZ];
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2354:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curbuf[BUFSIZ]; /* current buffer */
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2838:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _reverse_byte[0x100] = {
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2950:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _lomask[0x09] = {
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2952:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _himask[0x09] = {
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3345:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3577:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
free((char *)colorTable[a]);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3686:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3777:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lineage[1000];
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3778:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/motif-2.3.8/demos/programs/TabStack/callbacks.c:146:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XtFree((char *)(valueList[i]));
data/motif-2.3.8/demos/programs/TabStack/callbacks.c:176:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XtFree((char *)(valueList[i]));
data/motif-2.3.8/demos/programs/TabStack/callbacks.c:194:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XtFree((char *)(valueList[i]));
data/motif-2.3.8/demos/programs/TabStack/callbacks.c:234:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XtFree((char *)(valueList[i]));
data/motif-2.3.8/demos/programs/TabStack/callbacks.c:262:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XtFree((char *)(valueList[i]));
data/motif-2.3.8/demos/programs/TabStack/callbacks.c:273:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XtFree((char *)(valueList[i]));
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:583:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t emptyStrWcs[1];
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1911:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1911:36: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1923:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Comment[BUFSIZ];
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2352:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curbuf[BUFSIZ]; /* current buffer */
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2836:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _reverse_byte[0x100] = {
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2948:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _lomask[0x09] = {
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2950:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _himask[0x09] = {
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:3343:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:3575:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
free((char *)colorTable[a]);
data/motif-2.3.8/demos/programs/Tree/tree.c:609:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/motif-2.3.8/demos/programs/airport/airport.h:94:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
typedef enum {closed, open} AirportState ;
data/motif-2.3.8/demos/programs/airport/dragsource.c:97:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[256];
data/motif-2.3.8/demos/programs/airport/dragsource.c:109:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Flight %ld leaving from gate %d",
data/motif-2.3.8/demos/programs/airport/dragsource.c:256:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[256];
data/motif-2.3.8/demos/programs/airport/dragsource.c:266:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Passengers from flight %ld have landed safely",
data/motif-2.3.8/demos/programs/airport/dragsource.c:270:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Flight %ld has returned", flight->number);
data/motif-2.3.8/demos/programs/airport/dropsite.c:168:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[256];
data/motif-2.3.8/demos/programs/airport/dropsite.c:172:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(msg, "Flight %ld arrived at gate %d",
data/motif-2.3.8/demos/programs/airport/main.c:358:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/motif-2.3.8/demos/programs/airport/main.c:362:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcpy(name, entry), "Menu"),
data/motif-2.3.8/demos/programs/airport/main.c:475:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (this->state == open) { /* destroy current data */
data/motif-2.3.8/demos/programs/airport/main.c:548:21: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->state = open;
data/motif-2.3.8/demos/programs/animate/xmanimate.c:62:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *vec[2]={"xmanimate.uid"}; /* MRM database file list */
data/motif-2.3.8/demos/programs/animate/xmanimate.c:139:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uidanimfile[100] ;
data/motif-2.3.8/demos/programs/animate/xmanimate.c:162:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (*++argv) speed_factor = atoi(*argv) ;
data/motif-2.3.8/demos/programs/animate/xmanimate.c:171:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(uidanimfile,".uid");
data/motif-2.3.8/demos/programs/animate/xmanimate.c:222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uiliconname[100];
data/motif-2.3.8/demos/programs/drag_and_drop/simpledrop.c:49:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
typedef enum {closed, open} State ;
data/motif-2.3.8/demos/programs/drag_and_drop/simpledrop.c:107:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/motif-2.3.8/demos/programs/drag_and_drop/simpledrop.c:150:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/motif-2.3.8/demos/programs/drag_and_drop/simpledrop.c:154:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcpy(name, entry), "Menu"),
data/motif-2.3.8/demos/programs/drag_and_drop/simpledrop.c:411:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[256];
data/motif-2.3.8/demos/programs/draw/draw.c:463:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((out_file=fopen(filename, "w")) == NULL) {
data/motif-2.3.8/demos/programs/filemanager/actions.c:97:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/motif-2.3.8/demos/programs/filemanager/actions.c:126:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/demos/programs/filemanager/actions.c:165:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/demos/programs/filemanager/filemanager.c:122:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
updateTime = atoi(str);
data/motif-2.3.8/demos/programs/filemanager/filemanager.c:137:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/motif-2.3.8/demos/programs/filemanager/filemanager.c:138:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "*l%d", i);
data/motif-2.3.8/demos/programs/filemanager/filemanager.c:202:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errortext[100];
data/motif-2.3.8/demos/programs/filemanager/interface.c:169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10];
data/motif-2.3.8/demos/programs/filemanager/interface.c:171:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "l%d", n);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:95:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/motif-2.3.8/demos/programs/filemanager/readdir.c:164:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *names[32]; /* They had better not go more than 32 levels
data/motif-2.3.8/demos/programs/filemanager/readdir.c:166:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/demos/programs/filemanager/readdir.c:273:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/motif-2.3.8/demos/programs/filemanager/readdir.c:305:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", FI[ind].statbuf.st_uid);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:314:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%c%c%c,%c%c%c,%c%c%c",
data/motif-2.3.8/demos/programs/filemanager/readdir.c:332:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%-d", (int) size);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:334:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%-.2fK", size/1.0e3);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:336:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%-.2fM", size/1.0e6);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:387:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/demos/programs/filemanager/readdir.c:451:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msk[256];
data/motif-2.3.8/demos/programs/filemanager/readdir.c:457:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msk, "_m.xpm");
data/motif-2.3.8/demos/programs/filemanager/readdir.c:460:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(msk, "_m");
data/motif-2.3.8/demos/programs/filemanager/readdir.c:573:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/motif-2.3.8/demos/programs/filemanager/readdir.c:680:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/demos/programs/filemanager/readdir.c:682:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, " &");
data/motif-2.3.8/demos/programs/fileview/file.c:46:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(path, "r");
data/motif-2.3.8/demos/programs/fileview/main.c:67:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[255];
data/motif-2.3.8/demos/programs/fileview/main.c:204:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[128];
data/motif-2.3.8/demos/programs/fileview/main.c:208:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[255];
data/motif-2.3.8/demos/programs/fileview/main.c:291:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(filename, ".df");
data/motif-2.3.8/demos/programs/fileview/main.c:296:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(filename, ".uid");
data/motif-2.3.8/demos/programs/fileview/main.c:454:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char menu_name[64];
data/motif-2.3.8/demos/programs/fileview/main.c:459:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(strcpy(menu_name, entry), "Menu"),
data/motif-2.3.8/demos/programs/fileview/main.h:62:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *uid_files[UIL_FILE_COUNT] = {NULL};
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256] ;
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:271:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff_line[256] ;
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:365:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XtFree((char *)res_sec_list[i]->resources);
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:366:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XtFree((char *)res_sec_list[i]);
data/motif-2.3.8/demos/programs/i18ninput/i18ninput.c:66:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char basename[300];
data/motif-2.3.8/demos/programs/i18ninput/i18ninput.c:85:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[132];
data/motif-2.3.8/demos/programs/i18ninput/input.c:329:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy((char *)warr_ret,
data/motif-2.3.8/demos/programs/panner/panner.c:253:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char selectionName[40];
data/motif-2.3.8/demos/programs/periodic/periodic.c:282:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/motif-2.3.8/demos/programs/periodic/periodic.c:286:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf + strlen(buf) - 4, "Dialog");
data/motif-2.3.8/demos/programs/piano/piano.c:612:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fileName, "w");
data/motif-2.3.8/demos/programs/piano/piano.c:683:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fileName, "r");
data/motif-2.3.8/demos/programs/sampler2_0/sampler2_0.c:200:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tab_name[100] ;
data/motif-2.3.8/demos/programs/sampler2_0/sampler2_0.c:406:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char icon_name[20] ;
data/motif-2.3.8/demos/programs/sampler2_0/sampler2_0.c:408:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(icon_name, "IconGadget%d", i);
data/motif-2.3.8/demos/programs/sampler2_0/sampler2_0.c:582:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char child_name[20] ;
data/motif-2.3.8/demos/programs/sampler2_0/sampler2_0.c:584:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(child_name, "RCChild%d", i);
data/motif-2.3.8/demos/programs/setdate/setDate.c:81:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *monthstr[12];
data/motif-2.3.8/demos/programs/setdate/setDate.c:82:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/motif-2.3.8/demos/programs/setdate/setDate.c:274:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[80];
data/motif-2.3.8/demos/programs/setdate/setDate.c:275:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[32];
data/motif-2.3.8/demos/programs/setdate/setDate.c:277:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(date, "%02d%02d%02d%02d%02d", (mn + 1), dy,
data/motif-2.3.8/demos/programs/todo/actions.c:322:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/motif-2.3.8/demos/programs/todo/actions.c:340:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Page %d", pageNumber + 1);
data/motif-2.3.8/demos/programs/todo/actions.c:347:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Page %d (Bad Page)", pageNumber + 1);
data/motif-2.3.8/demos/programs/todo/io.c:107:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/motif-2.3.8/demos/programs/todo/io.c:111:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
input = fopen(filename, "r");
data/motif-2.3.8/demos/programs/todo/io.c:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/demos/programs/todo/io.c:258:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldfilename[256];
data/motif-2.3.8/demos/programs/todo/io.c:267:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/demos/programs/todo/io.c:290:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
output = fopen(filename, "w");
data/motif-2.3.8/demos/programs/todo/todo.c:130:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temppath[256];
data/motif-2.3.8/demos/programs/todo/todo.c:228:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temppath, "/.todo");
data/motif-2.3.8/demos/programs/todo/todo.c:279:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[128];
data/motif-2.3.8/demos/programs/todo/todo.c:285:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "untitled%d.todo", i++);
data/motif-2.3.8/demos/programs/todo/todo.c:340:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
temp = fopen("/tmp/.todoout", "w");
data/motif-2.3.8/demos/programs/tooltips/tooltips.c:63:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi(valueString);
data/motif-2.3.8/demos/programs/tooltips/tooltips.c:67:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(valueString, "%i", value);
data/motif-2.3.8/demos/programs/tooltips/tooltips.c:89:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi(valueString);
data/motif-2.3.8/demos/programs/tooltips/tooltips.c:194:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[255];
data/motif-2.3.8/demos/programs/tooltips/tooltips.c:208:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%i", delay);
data/motif-2.3.8/demos/programs/tooltips/tooltips.c:236:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[255];
data/motif-2.3.8/demos/programs/tooltips/tooltips.c:250:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%i", delay);
data/motif-2.3.8/demos/programs/workspace/command_ui.c:203:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/motif-2.3.8/demos/programs/workspace/command_ui.c:242:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/motif-2.3.8/demos/programs/workspace/command_ui.c:281:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/motif-2.3.8/demos/programs/workspace/command_ui.c:339:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/motif-2.3.8/demos/programs/workspace/command_ui.c:430:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/motif-2.3.8/demos/programs/workspace/wsm.c:372:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(*name, "/.wsmdb");
data/motif-2.3.8/demos/programs/workspace/wsm.c:380:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *str, strq[20];
data/motif-2.3.8/demos/programs/workspace/wsm.c:388:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(strq,"Room%d",i+1);
data/motif-2.3.8/demos/programs/workspace/wsm.c:400:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(strq,"Room%d",i+1);
data/motif-2.3.8/demos/programs/workspace/wsm.c:412:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str,"Room%d",i);
data/motif-2.3.8/demos/programs/workspace/wsm.h:40:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_LENGTH];
data/motif-2.3.8/demos/programs/workspace/wsm.h:42:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pixmap_name[MAX_LENGTH];
data/motif-2.3.8/demos/programs/workspace/wsm.h:43:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char background[MAX_LENGTH];
data/motif-2.3.8/demos/programs/workspace/wsmData.c:567:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempstr[10];
data/motif-2.3.8/demos/programs/workspace/wsmData.c:597:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempstr,"%ld",win_data->data.long_ptr[i]);
data/motif-2.3.8/demos/programs/workspace/wsmData.c:609:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str,"%ld", win_data->data.value);
data/motif-2.3.8/demos/programs/workspace/wsmData.c:707:21: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
list[i] = atol(str);
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:125:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->background,"None");
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:126:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->pixmap_name,"None");
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1318:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str,"Global");
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1479:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str,"%d",count);
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:183:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[20];
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:191:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str,"Room%d",i++);
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:646:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char linked_string[10];
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:647:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char all_workspace_string[10];
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:741:19: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (linked) strcpy(linked_string,"True");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:742:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else strcpy(linked_string,"False");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:760:27: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (all_workspaces) strcpy(all_workspace_string,"True");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:761:12: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
else strcpy(all_workspace_string,"False");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:924:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char true_str[10];
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:930:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(true_str,"True");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1032:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[512];
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1104:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileD = fopen(del_db,"r");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1105:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileN = fopen(save_db,"w");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1155:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[512];
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1212:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileD = fopen(del_db,"r");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1213:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fileN = fopen(save_db,"w");
data/motif-2.3.8/demos/unsupported/aicon/aicon.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char icon_fullname[256] ;
data/motif-2.3.8/demos/unsupported/aicon/aicon.c:163:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[256] ;
data/motif-2.3.8/demos/unsupported/dainput/dainput.c:46:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char basename[300];
data/motif-2.3.8/demos/unsupported/dainput/dainput.c:68:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[132];
data/motif-2.3.8/demos/unsupported/dainput/dainput_dlg.c:263:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char insert_string[100];
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:98:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename [256];
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:252:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((tmpf=fopen(fullname,"r")))
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:303:13: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open (fileptr, O_RDONLY)) < 0)
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:306:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathname[1024];
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:311:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open (pathname, O_RDONLY)) < 0)
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:322:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(datahome, O_RDONLY)) < 0)
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:333:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open (capfileptr, O_RDONLY);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:580:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *include_list[3];
data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[255], listing_name[255], uid_name[255];
data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c:71:35: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcpy (uid_name, file_name); strcat (uid_name, ".uid");
data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c:72:39: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcpy (listing_name, file_name); strcat (listing_name, ".lis");
data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c:73:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (file_name, ".uil");
data/motif-2.3.8/demos/unsupported/xmapdef/xmapdef.c:361:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char message[1000]; /* help text */
data/motif-2.3.8/demos/unsupported/xmapdef/xmapdef.c:368:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (message, "\
data/motif-2.3.8/demos/unsupported/xmapdef/xmapdef.c:462:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linebuff[256] ;
data/motif-2.3.8/demos/unsupported/xmapdef/xmapdef.c:464:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((in_file = fopen(file_name, "r")) == NULL) {
data/motif-2.3.8/demos/unsupported/xmfonts/xmfonts.c:295:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char message[BUFSIZ]; /* text sample */
data/motif-2.3.8/demos/unsupported/xmfonts/xmfonts.c:370:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char message[BUFSIZ]; /* help text */
data/motif-2.3.8/demos/unsupported/xmfonts/xmfonts.c:379:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (message, "\
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:692:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char message[1000]; /* help text */
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:699:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (message, "\
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:747:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[10] ;
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:772:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "push%d", i);
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1061:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
val = atoi(string) ;
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1235:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
XtSetArg(args[n], XmNx, atoi(s_x)); n++;
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1236:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
XtSetArg(args[n], XmNy, atoi(s_y)); n++;
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1237:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
XtSetArg(args[n], XmNwidth, atoi(s_width)); n++;
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1238:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
XtSetArg(args[n], XmNheight, atoi(s_height)); n++;
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1239:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
XtSetArg(args[n], XmNrecomputeSize, atoi(s_recomp_size)); n++;
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1262:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[10] ;
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1288:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"%d",b_x);
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1293:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"%d",b_y);
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1298:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"%d",b_width);
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1303:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"%d",b_height);
data/motif-2.3.8/demos/unsupported/xmforc/xmforc.c:1308:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s,"%d",b_recomp_size);
data/motif-2.3.8/demos/unsupported/xmform/xmform.c:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[2] ;
data/motif-2.3.8/lib/Mrm/IDB.h:120:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[1] ; /* First byte in data */
data/motif-2.3.8/lib/Mrm/IDB.h:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[1] ; /* first data byte */
data/motif-2.3.8/lib/Mrm/IDB.h:205:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[IDBRecordSize-sizeof(IDBRecordHeader)] ;
data/motif-2.3.8/lib/Mrm/IDB.h:240:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char db_version[IDBhsVersion1] ;
data/motif-2.3.8/lib/Mrm/IDB.h:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creator[IDBhsCreator1] ; /* creator id */
data/motif-2.3.8/lib/Mrm/IDB.h:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creator_version[IDBhsVersion1] ;
data/motif-2.3.8/lib/Mrm/IDB.h:245:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creation_date[IDBhsDate1] ;
data/motif-2.3.8/lib/Mrm/IDB.h:247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char module[IDBhsModule1] ; /* module id */
data/motif-2.3.8/lib/Mrm/IDB.h:248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char module_version[IDBhsVersion1] ;
data/motif-2.3.8/lib/Mrm/IDB.h:281:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[1]; /* First available byte for data */
data/motif-2.3.8/lib/Mrm/IDB.h:519:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[1] ; /* First available byte for data */
data/motif-2.3.8/lib/Mrm/Mrm.h:445:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c_text[1]; /* text of the name */
data/motif-2.3.8/lib/Mrm/Mrm.h:494:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char db_version[IDBhsVersion1] ;
data/motif-2.3.8/lib/Mrm/Mrm.h:496:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creator[IDBhsCreator1] ; /* creator id */
data/motif-2.3.8/lib/Mrm/Mrm.h:497:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creator_version[IDBhsVersion1] ;
data/motif-2.3.8/lib/Mrm/Mrm.h:499:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creation_date[IDBhsDate1] ;
data/motif-2.3.8/lib/Mrm/Mrm.h:501:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char module[IDBhsModule1] ; /* module id */
data/motif-2.3.8/lib/Mrm/Mrm.h:502:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char module_version[IDBhsVersion1] ;
data/motif-2.3.8/lib/Mrm/Mrm.h:805:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bytes[1]; /* vector of bytes */
data/motif-2.3.8/lib/Mrm/Mrm.h:926:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index[1] ; /* index for URMrIndex resource
data/motif-2.3.8/lib/Mrm/Mrm.h:964:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char index[URMMaxIndexLen1] ;
data/motif-2.3.8/lib/Mrm/Mrm.h:1013:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1] ; /* color name */
data/motif-2.3.8/lib/Mrm/MrmIfile.c:145:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_desc = open (name, O_RDWR, PMODE);
data/motif-2.3.8/lib/Mrm/MrmIfile.c:162:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_desc = open (name, O_RDWR, PMODE);
data/motif-2.3.8/lib/Mrm/MrmIfile.c:172:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_desc = open (name, O_RDONLY, PMODE);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:158:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[300];
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:575:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p_index_stg[IDBMaxIndexLength1] ; /* save hoisted idx */
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:745:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p_index_stg[IDBMaxIndexLength1]; /* save hoisted indx */
data/motif-2.3.8/lib/Mrm/MrmIswap.c:103:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300] ;
data/motif-2.3.8/lib/Mrm/MrmIswap.c:256:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300];
data/motif-2.3.8/lib/Mrm/MrmIswap.c:341:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300];
data/motif-2.3.8/lib/Mrm/Mrmappl.c:758:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[300];
data/motif-2.3.8/lib/Mrm/Mrmerror.c:185:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[300] ; /* error message */
data/motif-2.3.8/lib/Mrm/Mrmhier.c:165:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_stg[300];
data/motif-2.3.8/lib/Mrm/Mrmhier.c:697:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[300]; /* file name (unused) */
data/motif-2.3.8/lib/Mrm/Mrmhier.c:698:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_stg[300];
data/motif-2.3.8/lib/Mrm/Mrmicon.c:290:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300];
data/motif-2.3.8/lib/Mrm/Mrmicon.c:1096:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300];
data/motif-2.3.8/lib/Mrm/Mrmlread.c:115:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300]; /* for error messages */
data/motif-2.3.8/lib/Mrm/Mrmlread.c:641:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300] ;
data/motif-2.3.8/lib/Mrm/Mrmwci.c:337:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300];
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:261:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300] ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:1128:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300] ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2044:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300] ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2749:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wchar_dst, wchar_src, size) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2905:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300] ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3037:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300] ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3223:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300] ;
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:3418:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_msg[300] ; /* to format error messages */
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:1931:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (stgadr, stg, len) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:2003:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (cstgadr, (char *)asn1, len) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:2069:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (wcsadr, wcs, len) ;
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:301:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[300];
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:387:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[300];
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:427:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cbdesc, cbptr, descsize);
data/motif-2.3.8/lib/Xm/ArrowBG.c:630:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &ag->arrowbutton.background, value.addr, value.size);
data/motif-2.3.8/lib/Xm/ArrowBG.c:639:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &ag->arrowbutton.foreground, value.addr, value.size);
data/motif-2.3.8/lib/Xm/ArrowBG.c:648:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)&ag->arrowbutton.top_shadow_color, value.addr,value.size);
data/motif-2.3.8/lib/Xm/ArrowBG.c:657:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)&ag->arrowbutton.bottom_shadow_color, value.addr, value.size);
data/motif-2.3.8/lib/Xm/ArrowBG.c:666:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &ag->arrowbutton.highlight_color, value.addr,value.size);
data/motif-2.3.8/lib/Xm/BaseClass.c:1803:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_resources, comp_resources,
data/motif-2.3.8/lib/Xm/BaseClassP.h:139:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char flags[32];
data/motif-2.3.8/lib/Xm/BitmapsI.h:44:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static XmConst unsigned char bitmaps [20][32] =
data/motif-2.3.8/lib/Xm/ButtonBox.c:686:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowerName[BUFSIZ];
data/motif-2.3.8/lib/Xm/Cache.c:79:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( dest, src, size);
data/motif-2.3.8/lib/Xm/CallbackI.c:65:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)ToList(icl), (char *)ToList(*callbacks),
data/motif-2.3.8/lib/Xm/CascadeBG.c:631:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqSec, newSec, size);
data/motif-2.3.8/lib/Xm/CascadeBG.c:2372:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(newSec->label_cache),
data/motif-2.3.8/lib/Xm/CascadeBG.c:2376:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(newSec->cascade_button_cache),
data/motif-2.3.8/lib/Xm/CascadeBG.c:2396:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((XtPointer)reqSec, (XtPointer)newSec, size);
data/motif-2.3.8/lib/Xm/CascadeBG.c:2456:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(newSec->label_cache),
data/motif-2.3.8/lib/Xm/CascadeBG.c:2460:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(newSec->cascade_button_cache),
data/motif-2.3.8/lib/Xm/CascadeBG.c:3077:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cp, LabG_Cache(widget), labg_cache_size);
data/motif-2.3.8/lib/Xm/CascadeBG.c:3079:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( cp, CBG_Cache(widget), cascadebg_cache_size);
data/motif-2.3.8/lib/Xm/ClipWindow.c:272:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[MAX_CLIPWINDOW_TM_SIZE]; /* memory used externally */
data/motif-2.3.8/lib/Xm/ClipWindow.c:298:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, "Ctrl ");
data/motif-2.3.8/lib/Xm/ClipWindow.c:300:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, "Shift ");
data/motif-2.3.8/lib/Xm/ClipWindow.c:302:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, "Mod1 "); /* "Alt" may not be always right */
data/motif-2.3.8/lib/Xm/ClipWindow.c:304:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp,"<Key>");
data/motif-2.3.8/lib/Xm/ClipWindow.c:306:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp,": ");
data/motif-2.3.8/lib/Xm/Color.c:1252:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char k[5];
data/motif-2.3.8/lib/Xm/Color.c:1255:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(k, col, 4);
data/motif-2.3.8/lib/Xm/Color.c:1257:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(k, col + 4, 4);
data/motif-2.3.8/lib/Xm/Color.c:1289:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(im.colorTable[0].c_color, "#%04x%04x%04x", bw, bw, bw);
data/motif-2.3.8/lib/Xm/Color.c:1301:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(im.colorTable[1].c_color, "#%04x%04x%04x", bw2, bw2, bw2);
data/motif-2.3.8/lib/Xm/Color.c:1304:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (im.colorTable[0].c_color, "#%04x%04x%04x", bw, bw, bw);
data/motif-2.3.8/lib/Xm/Color.c:1309:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char e[5];
data/motif-2.3.8/lib/Xm/Color.c:1317:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(e, "%04x", bw);
data/motif-2.3.8/lib/Xm/Color.c:1318:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(col + 1, e, 4);
data/motif-2.3.8/lib/Xm/Color.c:1319:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(col + 5, e, 4);
data/motif-2.3.8/lib/Xm/Color.c:1320:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(col + 9, e, 4);
data/motif-2.3.8/lib/Xm/ColorObj.c:529:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_SCREENS * MAX_ATOM_LENGTH];
data/motif-2.3.8/lib/Xm/ColorObj.c:530:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name_buf[MAX_SCREENS];
data/motif-2.3.8/lib/Xm/ColorObj.c:652:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/motif-2.3.8/lib/Xm/ColorObj.c:659:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%x_", colorUse);
data/motif-2.3.8/lib/Xm/ColorObj.c:668:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp,"%lx_%lx_%lx_%lx_%lx_", colors[i].bg, colors[i].fg,
data/motif-2.3.8/lib/Xm/ColorS.c:389:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message_buffer[BUFSIZ];
data/motif-2.3.8/lib/Xm/ColorS.c:566:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string_buffer[BUFSIZ];
data/motif-2.3.8/lib/Xm/ColorS.c:695:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowerName[BUFSIZ];
data/motif-2.3.8/lib/Xm/ColorS.c:964:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[XmColorSelector_COLOR_NAME_SIZE], new_label[BUFSIZ];
data/motif-2.3.8/lib/Xm/ColorS.c:971:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "#%02x%02x%02x", XmColorS_slider_red(csw),
data/motif-2.3.8/lib/Xm/ColorS.c:1012:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "#%02x%02x%02x", color.red/256, color.green/256, color.blue/256);
data/motif-2.3.8/lib/Xm/ColorS.c:1217:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/ColorS.c:1218:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string_buffer[BUFSIZ];
data/motif-2.3.8/lib/Xm/ColorS.c:1269:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((file = fopen(XmColorS_rgb_file(csw), "r")) != NULL) {
data/motif-2.3.8/lib/Xm/ColorSP.h:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[XmColorSelector_COLOR_NAME_SIZE], no_space_lower_name[XmColorSelector_COLOR_NAME_SIZE];
data/motif-2.3.8/lib/Xm/Column.c:1123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/lib/Xm/Column.c:1133:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "_label");
data/motif-2.3.8/lib/Xm/Column.c:1138:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "_label");
data/motif-2.3.8/lib/Xm/Command.c:888:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( argsNew, al, sizeof(Arg) * ac);
data/motif-2.3.8/lib/Xm/Container.c:4100:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)cw->container.transfer_action->event,(void *)event,
data/motif-2.3.8/lib/Xm/CutPaste.c:1145:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cur_pointer, loc_pointer, (size_t) byte_length );
data/motif-2.3.8/lib/Xm/CutPaste.c:1236:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(clipboard_pointer, pointer, (size_t) loclength );
data/motif-2.3.8/lib/Xm/CutPaste.c:1337:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char atomname[ 100 ];
data/motif-2.3.8/lib/Xm/CutPaste.c:1346:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( atomname, "_MOTIF_CLIP_ITEM_%ld", itemid );
data/motif-2.3.8/lib/Xm/CutPaste.c:3233:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( to_ptr, buffer, (size_t) length );
data/motif-2.3.8/lib/Xm/CutPaste.c:3562:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( to_ptr, buffer, (size_t) length );
data/motif-2.3.8/lib/Xm/CutPaste.c:4014:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( buffer, ptr, (size_t) loc_outlength );
data/motif-2.3.8/lib/Xm/DataF.c:1687:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MB_LEN_MAX]; /* defined in limits.h: max in any locale */
data/motif-2.3.8/lib/Xm/DataF.c:2683:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[400], *tmp;
data/motif-2.3.8/lib/Xm/DataF.c:2705:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[400], *tmp;
data/motif-2.3.8/lib/Xm/DataF.c:2759:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[400], *tmp;
data/motif-2.3.8/lib/Xm/DataF.c:2781:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[400], *tmp;
data/motif-2.3.8/lib/Xm/DataF.c:2840:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char seg[256];
data/motif-2.3.8/lib/Xm/DataF.c:2999:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(char *)XmTextF_value(tf), i, l[i].position, start, end);
data/motif-2.3.8/lib/Xm/DataF.c:3434:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)newblock.ptr, (void*)*insert,
data/motif-2.3.8/lib/Xm/DataF.c:3492:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)wcs_newblock.wcsptr, (void*)*insert,
data/motif-2.3.8/lib/Xm/DataF.c:3551:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)*insert, (void*)wcs_vcb.text->wcsptr,
data/motif-2.3.8/lib/Xm/DataF.c:3574:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)*insert, (void*)vcb.text->ptr,
data/motif-2.3.8/lib/Xm/DataF.c:4523:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[MB_LEN_MAX];
data/motif-2.3.8/lib/Xm/DataF.c:4524:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s2[MB_LEN_MAX];
data/motif-2.3.8/lib/Xm/DataF.c:4831:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scratch[8];
data/motif-2.3.8/lib/Xm/DataF.c:4898:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scratch[8];
data/motif-2.3.8/lib/Xm/DataF.c:4929:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cache[100];
data/motif-2.3.8/lib/Xm/DataF.c:4983:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char insert_string[TEXT_MAX_INSERT_SIZE];
data/motif-2.3.8/lib/Xm/DataF.c:5045:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[100];
data/motif-2.3.8/lib/Xm/DataF.c:5092:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char insert_string[TEXT_MAX_INSERT_SIZE];
data/motif-2.3.8/lib/Xm/DataF.c:7456:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tmp->event, (void *)event, sizeof(XEvent));
data/motif-2.3.8/lib/Xm/DataF.c:7948:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spaces_cache[100];
data/motif-2.3.8/lib/Xm/DataF.c:8687:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)XmTextF_selection_array(tf), (void *)temp_ptr,
data/motif-2.3.8/lib/Xm/DataF.c:8858:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[400];
data/motif-2.3.8/lib/Xm/DataF.c:8874:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warn_str[52];
data/motif-2.3.8/lib/Xm/DataF.c:8881:6: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t tmp[XmTextF_max_char_size(tf)+1];
data/motif-2.3.8/lib/Xm/DataF.c:8892:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warn_str[52];
data/motif-2.3.8/lib/Xm/DataF.c:8907:39: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
XmTextF_value(tf) = (char *) memcpy(
data/motif-2.3.8/lib/Xm/DataF.c:8926:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scratch[8];
data/motif-2.3.8/lib/Xm/DataF.c:8947:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warn_str[52];
data/motif-2.3.8/lib/Xm/DataF.c:8958:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warn_str[52];
data/motif-2.3.8/lib/Xm/DataF.c:8983:43: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
XmTextF_wc_value(tf) = (wchar_t*)memcpy(XtMalloc((unsigned)
data/motif-2.3.8/lib/Xm/DataF.c:9376:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pixmap_name[17];
data/motif-2.3.8/lib/Xm/DataF.c:9381:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pixmap_name, "_XmDataF_%d_%d", XmTextF_cursor_height(tf), line_width);
data/motif-2.3.8/lib/Xm/DataF.c:9449:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pixmap_name, "_XmText_CM_%d", XmTextF_cursor_height(tf));
data/motif-2.3.8/lib/Xm/DataF.c:9487:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pixmap_name[25];
data/motif-2.3.8/lib/Xm/DataF.c:9490:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pixmap_name, "_XmDataF_AddMode_%d_%d",
data/motif-2.3.8/lib/Xm/DataF.c:10599:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)XmTextF_selection_array(new_tf), (void *)temp_ptr,
data/motif-2.3.8/lib/Xm/DataF.c:10708:50: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
XmTextF_value(new_tf) = (char *) memcpy(
data/motif-2.3.8/lib/Xm/DataF.c:10718:40: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
XmTextF_wc_value(new_tf) = (wchar_t*)memcpy(
data/motif-2.3.8/lib/Xm/DataF.c:11153:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)buffer, (void*)&XmTextF_value(tf)[start], num_chars);
data/motif-2.3.8/lib/Xm/DataF.c:11195:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)temp_wcs, (void*)XmTextF_wc_value(tf),
data/motif-2.3.8/lib/Xm/DataF.c:11262:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)buffer, (void*)&XmTextF_wc_value(tf)[start],
data/motif-2.3.8/lib/Xm/DataF.c:12021:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy((void*)value,
data/motif-2.3.8/lib/Xm/DataF.c:12084:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)wc_value,
data/motif-2.3.8/lib/Xm/DataFSel.c:224:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)temp, (void*)value, (unsigned)*length);
data/motif-2.3.8/lib/Xm/DataFSel.c:613:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)tmp_value, (void*)(TextF_Value(tf) + left),
data/motif-2.3.8/lib/Xm/DataFSel.c:652:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)*value, (void*)(TextF_Value(tf) + left),
data/motif-2.3.8/lib/Xm/DataFSel.c:656:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*(char **)value)[*length]='\0';
data/motif-2.3.8/lib/Xm/DataFSel.c:680:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)tmp_value, (void*)(TextF_Value(tf) + left),
data/motif-2.3.8/lib/Xm/DialogS.c:833:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( ds_args, bb_args, (sizeof( Arg) * bb_n)) ;
data/motif-2.3.8/lib/Xm/DisplayP.h:95:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char keycode_tag[XmKEYCODE_TAG_SIZE]; /* unused */
data/motif-2.3.8/lib/Xm/DragBS.c:901:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( fill, &shortItem, 2 );
data/motif-2.3.8/lib/Xm/DragBS.c:909:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( fill, &longItem, 4 );
data/motif-2.3.8/lib/Xm/DragBS.c:1031:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &shortItem, bufptr, 2 );
data/motif-2.3.8/lib/Xm/DragBS.c:1044:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &shortItem, bufptr, 2 );
data/motif-2.3.8/lib/Xm/DragBS.c:1059:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &longItem, bufptr, 4 );
data/motif-2.3.8/lib/Xm/DragBS.c:1125:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targetsTable->entries[0].targets, nullTargets, size);
data/motif-2.3.8/lib/Xm/DragBS.c:1133:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targetsTable->entries[1].targets, stringTargets, size);
data/motif-2.3.8/lib/Xm/DragBS.c:1327:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (newTargets, targets, size);
data/motif-2.3.8/lib/Xm/DragBS.c:1413:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char atomname[80];
data/motif-2.3.8/lib/Xm/DragC.c:319:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static XmConst unsigned char protocolMatrix[7][6] = {
data/motif-2.3.8/lib/Xm/DragC.c:2083:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)dc->drag.receiverInfos,
data/motif-2.3.8/lib/Xm/DragC.c:2440:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)mb, (char *)oldMb, sizeof(MotionBufferRec));
data/motif-2.3.8/lib/Xm/DragCI.h:76:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((XtPointer) XtMalloc(len), (XtPointer)(data), (len))
data/motif-2.3.8/lib/Xm/DragICC.c:671:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, buf->curr, (size_t)size);
data/motif-2.3.8/lib/Xm/DragICC.c:705:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->bytes, buf->stack, buf->size);
data/motif-2.3.8/lib/Xm/DragICC.c:711:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf->bytes + buf->size, ptr, (size_t)size);
data/motif-2.3.8/lib/Xm/DropDown.c:2490:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t temp[BUFSIZ];
data/motif-2.3.8/lib/Xm/DropSMgrI.c:216:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/lib/Xm/DropSMgrI.c:230:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/lib/Xm/DropTrans.c:525:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30];
data/motif-2.3.8/lib/Xm/DropTrans.c:529:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Transfer%d", which++);
data/motif-2.3.8/lib/Xm/EditresCom.c:406:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/EditresCom.c:408:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "Unknown Protocol request %d.",event->any_event.type);
data/motif-2.3.8/lib/Xm/EditresCom.c:533:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/EditresCom.c:534:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"Unknown Protocol request %d.",event->any_event.type);
data/motif-2.3.8/lib/Xm/EditresCom.c:885:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/EditresCom.c:913:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pbuf, "Message too long");
data/motif-2.3.8/lib/Xm/EditresCom.c:940:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pbuf, "Could not convert a string");
data/motif-2.3.8/lib/Xm/EditresCom.c:948:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pbuf, "Could not convert a resource");
data/motif-2.3.8/lib/Xm/EditresCom.c:964:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pbuf, "Message too long to show");
data/motif-2.3.8/lib/Xm/EditresCom.c:1638:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", (unsigned char)value);
data/motif-2.3.8/lib/Xm/EditresCom.c:1642:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", (short)value);
data/motif-2.3.8/lib/Xm/EditresCom.c:1646:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", (int)value);
data/motif-2.3.8/lib/Xm/EditresCom.c:1651:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%ld", value);
data/motif-2.3.8/lib/Xm/EditresCom.c:1705:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64], *str;
data/motif-2.3.8/lib/Xm/EditresCom.c:2100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ptr[BUFSIZ];
data/motif-2.3.8/lib/Xm/ExtObject.c:90:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[XmNUM_BYTES];
data/motif-2.3.8/lib/Xm/ExtObject.c:326:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)extData->reqWidget, (char *)req,
data/motif-2.3.8/lib/Xm/ExtObject.c:414:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)ext->oldWidget, (char *)old, extSize);
data/motif-2.3.8/lib/Xm/ExtObject.c:417:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)ext->reqWidget, (char *)ref, extSize);
data/motif-2.3.8/lib/Xm/FontS.c:841:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:872:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
current->point_size = (short) atoi(temp);
data/motif-2.3.8/lib/Xm/FontS.c:879:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
current->resolution_x = (short) atoi(temp);
data/motif-2.3.8/lib/Xm/FontS.c:886:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
current->resolution_y = (short) atoi(temp);
data/motif-2.3.8/lib/Xm/FontS.c:911:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lower[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:1223:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ * 2];
data/motif-2.3.8/lib/Xm/FontS.c:1250:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ptr, left_buf[BUFSIZ], right_buf[BUFSIZ], fbuf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:1356:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char res_x[BUFSIZ], res_y[BUFSIZ], point_size[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:1377:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(point_size, "%d", cf->point_size);
data/motif-2.3.8/lib/Xm/FontS.c:1382:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(res_x, "%d", (int) cf->resolution_x);
data/motif-2.3.8/lib/Xm/FontS.c:1387:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(res_y, "%d", (int) cf->resolution_y);
data/motif-2.3.8/lib/Xm/FontS.c:1689:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/motif-2.3.8/lib/Xm/FontS.c:1695:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", GValidSizes[i]);
data/motif-2.3.8/lib/Xm/FontS.c:1865:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:1913:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", cf->point_size / POINT_DIVIDE);
data/motif-2.3.8/lib/Xm/FontS.c:2042:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:2756:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:2760:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "button_%d", i);
data/motif-2.3.8/lib/Xm/FontS.c:2855:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:2892:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:2895:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (cf->point_size == (size = atoi(str) * 10))
data/motif-2.3.8/lib/Xm/FontS.c:2923:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:2961:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3014:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3057:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3157:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3189:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3253:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3286:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3318:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3666:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/FontS.c:3688:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "*button_%d", current);
data/motif-2.3.8/lib/Xm/FontSP.h:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char slant[SLANT_LEN + 1];
data/motif-2.3.8/lib/Xm/FontSP.h:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spacing[SPACING_LEN + 1];
data/motif-2.3.8/lib/Xm/FontSP.h:156:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fixed_spacing[SPACING_LEN + 1];
data/motif-2.3.8/lib/Xm/GadgetUtil.c:272:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)&synth_event, (char*)event,
data/motif-2.3.8/lib/Xm/GeoUtils.c:2749:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subhdr[256] ;
data/motif-2.3.8/lib/Xm/GeoUtils.c:2775:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subhdr[256] ;
data/motif-2.3.8/lib/Xm/Hierarchy.c:1201:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowerName[BUFSIZ];
data/motif-2.3.8/lib/Xm/IconBox.c:559:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/IconBox.c:679:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/IconButton.c:1021:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowerName[BUFSIZ];
data/motif-2.3.8/lib/Xm/IconFile.c:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stackBuf[MAX_CACHE_DIR_SIZE];
data/motif-2.3.8/lib/Xm/IconFile.c:207:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(&(stackBuf[oldBufLen]), currDirect->d_name, bufLen);
data/motif-2.3.8/lib/Xm/IconFile.c:258:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(nameHeap[validDir->nameOffsets[i]]), p, strlen(p));
data/motif-2.3.8/lib/Xm/IconFile.c:345:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stackString[MAX_DIR_PATH_LEN];
data/motif-2.3.8/lib/Xm/IconFile.c:567:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stackString[MAX_DIR_PATH_LEN];
data/motif-2.3.8/lib/Xm/IconG.c:733:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask_name[255] ;
data/motif-2.3.8/lib/Xm/IconG.c:920:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqSec, newSec, size);
data/motif-2.3.8/lib/Xm/IconG.c:1008:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(newSec->icon_cache),
data/motif-2.3.8/lib/Xm/IconG.c:1022:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((XtPointer)reqSec, (XtPointer)newSec, size);
data/motif-2.3.8/lib/Xm/IconG.c:1071:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(newSec->icon_cache),
data/motif-2.3.8/lib/Xm/ImageCache.c:252:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
entry->builtin_data = (unsigned char *) bitmaps[i];
data/motif-2.3.8/lib/Xm/ImageCache.c:746:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask_name[255] ;
data/motif-2.3.8/lib/Xm/ImageCache.c:924:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(infile = fopen(file_name, "rb"))) {
data/motif-2.3.8/lib/Xm/ImageCache.c:1477:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)pix_entry->acc_color, (void*)acc_color,
data/motif-2.3.8/lib/Xm/ImageCache.c:1691:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask_name[256];
data/motif-2.3.8/lib/Xm/ImageCache.c:2083:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
media_res = atoi(XpGetOneAttribute(display, pcontext, XPDocAttr,
data/motif-2.3.8/lib/Xm/Label.c:1579:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MB_LEN_MAX * 2];
data/motif-2.3.8/lib/Xm/Label.c:2554:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) *baselines, (char*) lw->label.baselines,
data/motif-2.3.8/lib/Xm/LabelG.c:946:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqSec, newSec, size);
data/motif-2.3.8/lib/Xm/LabelG.c:1035:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(newSec->label_cache),
data/motif-2.3.8/lib/Xm/LabelG.c:1051:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((XtPointer)reqSec, (XtPointer)newSec, size);
data/motif-2.3.8/lib/Xm/LabelG.c:1097:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(newSec->label_cache),
data/motif-2.3.8/lib/Xm/LabelG.c:2007:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &LabG_Background(lw), value.addr, value.size);
data/motif-2.3.8/lib/Xm/LabelG.c:2016:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &LabG_Foreground(lw), value.addr, value.size);
data/motif-2.3.8/lib/Xm/LabelG.c:2025:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &LabG_TopShadowColor(lw), value.addr, value.size);
data/motif-2.3.8/lib/Xm/LabelG.c:2035:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &LabG_BottomShadowColor(lw), value.addr, value.size);
data/motif-2.3.8/lib/Xm/LabelG.c:2044:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &LabG_HighlightColor(lw), value.addr, value.size);
data/motif-2.3.8/lib/Xm/LabelG.c:2482:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MB_LEN_MAX * 2];
data/motif-2.3.8/lib/Xm/LabelG.c:3722:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp, LabG_Cache(widget), labg_cache_size);
data/motif-2.3.8/lib/Xm/LabelG.c:3823:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) *baselines, (char*) lw->label.baselines,
data/motif-2.3.8/lib/Xm/List.c:3869:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)sl, (char*)lw->list.selectedPositions, size);
data/motif-2.3.8/lib/Xm/List.c:7345:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&lw->list.drag_event, event,
data/motif-2.3.8/lib/Xm/List.c:7481:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input_string[LIST_MAX_INPUT_SIZE + 1];
data/motif-2.3.8/lib/Xm/List.c:9649:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) posList,
data/motif-2.3.8/lib/Xm/List.c:9935:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "SW");
data/motif-2.3.8/lib/Xm/List.c:9939:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "SW");
data/motif-2.3.8/lib/Xm/Manager.c:684:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(comp_ext, FindCompClassExtension(wc->core_class.superclass),
data/motif-2.3.8/lib/Xm/MapEvents.c:448:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keySymName[100];
data/motif-2.3.8/lib/Xm/MapEvents.c:532:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modStr[100];
data/motif-2.3.8/lib/Xm/MapEvents.c:625:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char eventTypeStr[100];
data/motif-2.3.8/lib/Xm/MessageB.c:1280:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( argsNew, al, sizeof(Arg) * ac);
data/motif-2.3.8/lib/Xm/Obso1_2.c:1501:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
key_pressed = atoi( *argv) ;
data/motif-2.3.8/lib/Xm/Obso2_0.c:210:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *result, buf[1000];
data/motif-2.3.8/lib/Xm/Obso2_0.c:236:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, "Ctrl ");
data/motif-2.3.8/lib/Xm/Obso2_0.c:239:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, "Shift ");
data/motif-2.3.8/lib/Xm/Obso2_0.c:242:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, "Mod1 "); /* "Alt" may not be right on some systems */
data/motif-2.3.8/lib/Xm/Obso2_0.c:244:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp,"<Key>");
data/motif-2.3.8/lib/Xm/Obso2_0.c:246:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp,": ");
data/motif-2.3.8/lib/Xm/Paned.c:1637:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char restptr[BUFSIZ]; /* points to the rest of the string. */
data/motif-2.3.8/lib/Xm/Paned.c:1641:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if ((increment = atoi(call_data->params[1])) == 0) {
data/motif-2.3.8/lib/Xm/Png.c:140:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sig[8];
data/motif-2.3.8/lib/Xm/PrintS.c:368:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
print_shell->print.print_resolution = atoi(string_resolution);
data/motif-2.3.8/lib/Xm/PrintS.c:824:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((file = fopen(file_name, "w")) == NULL) {
data/motif-2.3.8/lib/Xm/PushBG.c:1775:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqSec, newSec, size);
data/motif-2.3.8/lib/Xm/PushBG.c:1992:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &PBG_ArmColor(new_w), value.addr, value.size);
data/motif-2.3.8/lib/Xm/PushBG.c:2081:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(newSec->label_cache),
data/motif-2.3.8/lib/Xm/PushBG.c:2085:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(newSec->pushbutton_cache),
data/motif-2.3.8/lib/Xm/PushBG.c:2106:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((XtPointer)reqSec, (XtPointer)newSec, size);
data/motif-2.3.8/lib/Xm/PushBG.c:2165:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(newSec->label_cache),
data/motif-2.3.8/lib/Xm/PushBG.c:2169:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(newSec->pushbutton_cache),
data/motif-2.3.8/lib/Xm/PushBG.c:2678:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp, LabG_Cache(widget), labg_cache_size);
data/motif-2.3.8/lib/Xm/PushBG.c:2680:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(cp, PBG_Cache(widget), pushbg_cache_size);
data/motif-2.3.8/lib/Xm/RepType.c:1236:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(OutputEntry->values, values, (size_t)num_values);
data/motif-2.3.8/lib/Xm/RepType.c:1399:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *params[2];
data/motif-2.3.8/lib/Xm/RepType.c:1768:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi(parameter + i);
data/motif-2.3.8/lib/Xm/ResConvert.c:1492:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
{ XtFree( (char *) table[i]) ;
data/motif-2.3.8/lib/Xm/ResConvert.c:1528:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
new_element = atoi(p); /* Grab number */
data/motif-2.3.8/lib/Xm/ResConvert.c:2118:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *stack_names[128];
data/motif-2.3.8/lib/Xm/ResConvert.c:2140:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)new_names, (char *)name_list,
data/motif-2.3.8/lib/Xm/ResConvert.c:2583:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sign[2];
data/motif-2.3.8/lib/Xm/ResConvert.c:2663:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unitType[12]; /* longest unit name is "millimeters" */
data/motif-2.3.8/lib/Xm/ResEncod.c:1042:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( text_copy, esptr, len);
data/motif-2.3.8/lib/Xm/ResEncod.c:1380:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)octets, (char *)ctx->encoding, ctx->encodinglen);
data/motif-2.3.8/lib/Xm/ResEncod.c:1381:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)(octets + ctx->encodinglen), (char *)item, length);
data/motif-2.3.8/lib/Xm/ResEncod.c:1786:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( text_copy, esptr, len);
data/motif-2.3.8/lib/Xm/ResEncod.c:2175:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)tmp, val, len);
data/motif-2.3.8/lib/Xm/ResEncod.c:2338:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)tmp, val, len);
data/motif-2.3.8/lib/Xm/ResEncod.c:2747:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( temp, *outc, *outlen);
data/motif-2.3.8/lib/Xm/ResEncod.c:2800:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &str1[str1len], str2, str2len);
data/motif-2.3.8/lib/Xm/ResEncod.c:2820:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[255];
data/motif-2.3.8/lib/Xm/ResEncod.c:2893:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[255];
data/motif-2.3.8/lib/Xm/RowColumn.c:2407:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/motif-2.3.8/lib/Xm/RowColumn.c:2424:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp, "Ctrl ");
data/motif-2.3.8/lib/Xm/RowColumn.c:2427:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, "Shift ");
data/motif-2.3.8/lib/Xm/RowColumn.c:2430:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, "Alt ");
data/motif-2.3.8/lib/Xm/RowColumn.c:2432:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp,"<KeyUp>");
data/motif-2.3.8/lib/Xm/RowColumn.c:2436:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tmp, ", ");
data/motif-2.3.8/lib/Xm/Scale.c:1794:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[15];
data/motif-2.3.8/lib/Xm/Scale.c:1801:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%d%c", max_or_min_value,\
data/motif-2.3.8/lib/Xm/Scale.c:1804:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%d", max_or_min_value);\
data/motif-2.3.8/lib/Xm/Scale.c:1836:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[15];
data/motif-2.3.8/lib/Xm/Scale.c:1843:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%d%c", max_or_min_value,\
data/motif-2.3.8/lib/Xm/Scale.c:1846:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%d", max_or_min_value);\
data/motif-2.3.8/lib/Xm/Scale.c:1878:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[15];
data/motif-2.3.8/lib/Xm/Scale.c:1885:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%d%c", max_or_min_value,\
data/motif-2.3.8/lib/Xm/Scale.c:1888:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%d", max_or_min_value);\
data/motif-2.3.8/lib/Xm/Scale.c:1912:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[15];
data/motif-2.3.8/lib/Xm/Scale.c:1921:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%d%c", max_or_min_value,\
data/motif-2.3.8/lib/Xm/Scale.c:1924:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%d", max_or_min_value);\
data/motif-2.3.8/lib/Xm/Scale.c:1932:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%d%c", max_or_min_value,\
data/motif-2.3.8/lib/Xm/Scale.c:1935:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff, "%d", max_or_min_value);\
data/motif-2.3.8/lib/Xm/Scale.c:2837:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer,"%.*d", sw->scale.decimal_points+1, value);
data/motif-2.3.8/lib/Xm/Scale.c:2850:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (buffer,"%d", value);
data/motif-2.3.8/lib/Xm/Scale.c:2871:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/motif-2.3.8/lib/Xm/Scale.c:3268:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpstring[100];
data/motif-2.3.8/lib/Xm/Screen.c:1407:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[25];
data/motif-2.3.8/lib/Xm/Screen.c:1441:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "screen%d", i);
data/motif-2.3.8/lib/Xm/SelectioB.c:2147:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_sb_args, sb_args, sizeof (Arg) * sb_n);
data/motif-2.3.8/lib/Xm/SelectioB.c:2176:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_sb_args, sb_args, sizeof (Arg) * sb_n);
data/motif-2.3.8/lib/Xm/SeparatoG.c:588:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqSec, newSec, size);
data/motif-2.3.8/lib/Xm/SeparatoG.c:677:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(newSec->separator_cache),
data/motif-2.3.8/lib/Xm/SeparatoG.c:691:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((XtPointer)reqSec, (XtPointer)newSec, size);
data/motif-2.3.8/lib/Xm/SeparatoG.c:740:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &(newSec->separator_cache),
data/motif-2.3.8/lib/Xm/SeparatoG.c:1009:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &SEPG_Background(sg), value.addr, value.size);
data/motif-2.3.8/lib/Xm/SeparatoG.c:1018:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &SEPG_Foreground(sg), value.addr, value.size);
data/motif-2.3.8/lib/Xm/SeparatoG.c:1027:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &SEPG_TopShadowColor(sg), value.addr, value.size);
data/motif-2.3.8/lib/Xm/SeparatoG.c:1036:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &SEPG_BottomShadowColor(sg), value.addr, value.size);
data/motif-2.3.8/lib/Xm/SeparatoG.c:1095:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &SEPG_TopShadowPixmap(sg), value.addr, value.size);
data/motif-2.3.8/lib/Xm/Simple.c:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buf[20];
data/motif-2.3.8/lib/Xm/Simple.c:170:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name_buf,"label_%d", label_count++);
data/motif-2.3.8/lib/Xm/Simple.c:177:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name_buf,"separator_%d", separator_count++);
data/motif-2.3.8/lib/Xm/Simple.c:182:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name_buf,"button_%d", button_count++);
data/motif-2.3.8/lib/Xm/Simple.c:194:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name_buf,"button_%d", button_count++);
data/motif-2.3.8/lib/Xm/Simple.c:205:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name_buf,"button_%d", button_count++);
data/motif-2.3.8/lib/Xm/Simple.c:424:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buf[20];
data/motif-2.3.8/lib/Xm/Simple.c:434:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name_buf,"button_%d", i);
data/motif-2.3.8/lib/Xm/Simple.c:467:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name_buf[20];
data/motif-2.3.8/lib/Xm/Simple.c:484:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name_buf,"button_%d", i);
data/motif-2.3.8/lib/Xm/SpinB.c:1856:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*buffer, "%*.0f", digits, result);
data/motif-2.3.8/lib/Xm/SpinB.c:1859:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(*buffer, "%*.*f", digits, decimal, result);
data/motif-2.3.8/lib/Xm/Synthetic.c:125:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((char *) new_resources, (char *) sc_resources,
data/motif-2.3.8/lib/Xm/TabStack.c:4557:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pid_buf[64];
data/motif-2.3.8/lib/Xm/TabStack.c:4559:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pid_buf, "ICS_TAB_PID_%d\n", (int)getpid());
data/motif-2.3.8/lib/Xm/TearOff.c:836:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&newEvent, event, sizeof(XButtonEvent));
data/motif-2.3.8/lib/Xm/TearOff.c:1083:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sprop, rprop, (size_t)sizeof(long) * num_items);
data/motif-2.3.8/lib/Xm/Text.c:1039:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) oldline, (void *) line,
data/motif-2.3.8/lib/Xm/Text.c:1130:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XtFree((char *) oldline[j].extra);
data/motif-2.3.8/lib/Xm/Text.c:2226:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (tw->text.value == (char *)args[i].value &&
data/motif-2.3.8/lib/Xm/Text.c:3112:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) tw->text.old_highlight.list,
data/motif-2.3.8/lib/Xm/Text.c:3187:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *) line_table, (void *) tw->text.line_table,
data/motif-2.3.8/lib/Xm/Text.c:4196:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_cache[30];
data/motif-2.3.8/lib/Xm/Text.c:4208:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "SW");
data/motif-2.3.8/lib/Xm/Text.c:4210:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "SW");
data/motif-2.3.8/lib/Xm/TextF.c:1361:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MB_LEN_MAX]; /* defined in limits.h: max in any locale */
data/motif-2.3.8/lib/Xm/TextF.c:2049:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[400], *tmp;
data/motif-2.3.8/lib/Xm/TextF.c:2071:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[400], *tmp;
data/motif-2.3.8/lib/Xm/TextF.c:2116:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[400], *tmp;
data/motif-2.3.8/lib/Xm/TextF.c:2138:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[400], *tmp;
data/motif-2.3.8/lib/Xm/TextF.c:2652:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)newblock.ptr, (void*)*insert,
data/motif-2.3.8/lib/Xm/TextF.c:2712:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)wcs_newblock.wcsptr, (void*)*insert,
data/motif-2.3.8/lib/Xm/TextF.c:2757:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)*insert, (void*)wcs_vcb.text->wcsptr,
data/motif-2.3.8/lib/Xm/TextF.c:2774:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)*insert, (void*)vcb.text->ptr,
data/motif-2.3.8/lib/Xm/TextF.c:3078:2: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(insert, insert_orig, insert_length * size);
data/motif-2.3.8/lib/Xm/TextF.c:3490:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[MB_LEN_MAX];
data/motif-2.3.8/lib/Xm/TextF.c:3491:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s2[MB_LEN_MAX];
data/motif-2.3.8/lib/Xm/TextF.c:3721:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scratch[8];
data/motif-2.3.8/lib/Xm/TextF.c:3788:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scratch[8];
data/motif-2.3.8/lib/Xm/TextF.c:3819:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cache[100];
data/motif-2.3.8/lib/Xm/TextF.c:3864:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char insert_string[TEXT_MAX_INSERT_SIZE + 1]; /* NULL-terminated below */
data/motif-2.3.8/lib/Xm/TextF.c:3925:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[100];
data/motif-2.3.8/lib/Xm/TextF.c:5777:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)tf->text.transfer_action->event, (void *)event,
data/motif-2.3.8/lib/Xm/TextF.c:6180:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spaces_cache[100];
data/motif-2.3.8/lib/Xm/TextF.c:6829:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)TextF_SelectionArray(tf), (void *)temp_ptr,
data/motif-2.3.8/lib/Xm/TextF.c:6977:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stack_cache[400];
data/motif-2.3.8/lib/Xm/TextF.c:6993:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *params[1], err_str[5];
data/motif-2.3.8/lib/Xm/TextF.c:6994:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(err_str, "\\%o", (unsigned char) *curr_str);
data/motif-2.3.8/lib/Xm/TextF.c:7025:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *params[1], *err_str;
data/motif-2.3.8/lib/Xm/TextF.c:7032:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(err_str + (i * 4), "\\%o", (unsigned char) curr_str[i]);
data/motif-2.3.8/lib/Xm/TextF.c:7037:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(err_str, "\\%o", (unsigned char) *curr_str);
data/motif-2.3.8/lib/Xm/TextF.c:7062:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(char *) memcpy(XtMalloc((unsigned)(tf->text.string_length + 30)),
data/motif-2.3.8/lib/Xm/TextF.c:7081:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char scratch[8];
data/motif-2.3.8/lib/Xm/TextF.c:7102:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *params[1];
data/motif-2.3.8/lib/Xm/TextF.c:7109:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(err_str + (i * 4), "\\%o", (unsigned char) scratch[i]);
data/motif-2.3.8/lib/Xm/TextF.c:7126:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *params[1];
data/motif-2.3.8/lib/Xm/TextF.c:7134:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(err_str + (i * 4), "\\%o", (unsigned char) scratch[i]);
data/motif-2.3.8/lib/Xm/TextF.c:7164:37: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
TextF_WcValue(tf) = (wchar_t*)memcpy(XtMalloc((unsigned)
data/motif-2.3.8/lib/Xm/TextF.c:7451:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pixmap_name[64];
data/motif-2.3.8/lib/Xm/TextF.c:7455:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pixmap_name, "_XmText_%d_%d", tf->text.cursor_height, line_width);
data/motif-2.3.8/lib/Xm/TextF.c:7537:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pixmap_name[64];
data/motif-2.3.8/lib/Xm/TextF.c:7539:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pixmap_name, "_XmText_AddMode_%d_%d",
data/motif-2.3.8/lib/Xm/TextF.c:8110:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)TextF_SelectionArray(new_tf), (void *)temp_ptr,
data/motif-2.3.8/lib/Xm/TextF.c:8239:15: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(char *) memcpy(XtRealloc(TextF_Value(new_tf),
data/motif-2.3.8/lib/Xm/TextF.c:8249:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(wchar_t*)memcpy( XtRealloc((char *)TextF_WcValue(new_tf),
data/motif-2.3.8/lib/Xm/TextF.c:8993:17: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&tf->text.value[PreStart(tf)], mb,
data/motif-2.3.8/lib/Xm/TextF.c:9000:17: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((char *)&tf->text.wc_value[PreStart(tf)], (char *)wc,
data/motif-2.3.8/lib/Xm/TextF.c:9214:16: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&tf->text.value[PreStart(tf)+call_data->chg_first+
data/motif-2.3.8/lib/Xm/TextF.c:9219:17: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((char *)&tf->text.wc_value[PreStart(tf)+
data/motif-2.3.8/lib/Xm/TextF.c:9422:4: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy(&tf->text.value[PreStart(tf)], str,
data/motif-2.3.8/lib/Xm/TextF.c:9431:11: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
bcopy((char *)&tf->text.wc_value[PreStart(tf)], (char *)wc_string,
data/motif-2.3.8/lib/Xm/TextF.c:9594:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)buffer, (void*)&TextF_Value(tf)[start], num_chars);
data/motif-2.3.8/lib/Xm/TextF.c:9621:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)temp_wcs, (void*)TextF_WcValue(tf),
data/motif-2.3.8/lib/Xm/TextF.c:9666:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)buffer, (void*)&TextF_WcValue(tf)[start],
data/motif-2.3.8/lib/Xm/TextF.c:10226:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy((void*)value,
data/motif-2.3.8/lib/Xm/TextF.c:10273:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)wc_value,
data/motif-2.3.8/lib/Xm/TextFSel.c:281:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)temp, (void*)value, (size_t)*length);
data/motif-2.3.8/lib/Xm/TextFSel.c:545:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)tmp_value, (void*)(TextF_Value(tf) + left),
data/motif-2.3.8/lib/Xm/TextFSel.c:585:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)*value, (void*)(TextF_Value(tf) + left),
data/motif-2.3.8/lib/Xm/TextFSel.c:589:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(*(char **)value)[*length]='\0';
data/motif-2.3.8/lib/Xm/TextFSel.c:613:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)tmp_value, (void*)(TextF_Value(tf) + left),
data/motif-2.3.8/lib/Xm/TextFSel.c:657:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)tmp_value, (void*)(TextF_Value(tf) + left),
data/motif-2.3.8/lib/Xm/TextFSel.c:1176:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)temp, (void*)ds->value, (size_t)ds->length);
data/motif-2.3.8/lib/Xm/TextFunc.c:866:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)&buffer[destpos], (void*)block.ptr,
data/motif-2.3.8/lib/Xm/TextIn.c:1357:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[TEXT_MAX_INSERT_SIZE+ 1]; /* NULL-terminated below */
data/motif-2.3.8/lib/Xm/TextIn.c:2878:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[32];
data/motif-2.3.8/lib/Xm/TextIn.c:4001:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)data->transfer_action->event, (void *)event,
data/motif-2.3.8/lib/Xm/TextIn.c:5814:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)data->sarray, (void *)temp_ptr, (data->sarraycount *
data/motif-2.3.8/lib/Xm/TextIn.c:6052:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)data->sarray, (void *)temp_ptr, (data->sarraycount *
data/motif-2.3.8/lib/Xm/TextOut.c:1306:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cache[200];
data/motif-2.3.8/lib/Xm/TextOut.c:1309:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[MB_LEN_MAX];
data/motif-2.3.8/lib/Xm/TextOut.c:1425:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_cache[200];
data/motif-2.3.8/lib/Xm/TextOut.c:1428:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_char[MB_LEN_MAX];
data/motif-2.3.8/lib/Xm/TextOut.c:4073:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pixmap_name[64];
data/motif-2.3.8/lib/Xm/TextOut.c:4078:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pixmap_name, "_XmText_%d_%d", data->cursorheight, line_width);
data/motif-2.3.8/lib/Xm/TextOut.c:4179:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pixmap_name[64];
data/motif-2.3.8/lib/Xm/TextOut.c:4182:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pixmap_name, "_XmText_AddMode_%d_%d",
data/motif-2.3.8/lib/Xm/TextSel.c:536:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)*value, (void*)tmp_prop.value,(size_t)tmp_prop.nitems);
data/motif-2.3.8/lib/Xm/TextSel.c:564:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)*value, (void*)tmp_prop.value,(size_t)tmp_prop.nitems);
data/motif-2.3.8/lib/Xm/TextSel.c:586:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void*)*value, (void*)tmp_prop.value,(size_t)tmp_prop.nitems);
data/motif-2.3.8/lib/Xm/TextStrSo.c:142:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy((void*)characters, (void*)bytes, num_chars);
data/motif-2.3.8/lib/Xm/TextStrSo.c:218:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy((void*)bytes, (void*)characters, num_chars);
data/motif-2.3.8/lib/Xm/TextStrSo.c:291:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)&buf[destpos], (void*)block.ptr, block.length);
data/motif-2.3.8/lib/Xm/TextStrSo.c:784:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy((void*) newblock->ptr, (void*) block->ptr,
data/motif-2.3.8/lib/Xm/TextStrSo.c:822:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)newblock->ptr, (void*)tvcb.text->ptr,
data/motif-2.3.8/lib/Xm/TextStrSo.c:1131:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mb_char[1 + MB_LEN_MAX];
data/motif-2.3.8/lib/Xm/TextStrSo.c:1202:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mb_char[1 + MB_LEN_MAX];
data/motif-2.3.8/lib/Xm/TextStrSo.c:1633:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy((void*)&temp[length], (void*)block.ptr, block.length);
data/motif-2.3.8/lib/Xm/ToggleBG.c:832:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqSec, newSec, size);
data/motif-2.3.8/lib/Xm/ToggleBG.c:1081:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&saved_Text, &LabG_TextRect(tb), sizeof(XRectangle));
data/motif-2.3.8/lib/Xm/ToggleBG.c:1129:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&LabG_TextRect(tb), &saved_Text, sizeof(XRectangle));
data/motif-2.3.8/lib/Xm/ToggleBG.c:2432:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &TBG_SelectColor(new_w), value.addr, value.size);
data/motif-2.3.8/lib/Xm/ToggleBG.c:3184:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&(newSec->label_cache),
data/motif-2.3.8/lib/Xm/ToggleBG.c:3188:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(newSec->toggle_cache),
data/motif-2.3.8/lib/Xm/ToggleBG.c:3208:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((XtPointer)reqSec, (XtPointer)newSec, size);
data/motif-2.3.8/lib/Xm/ToggleBG.c:3267:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&(newSec->label_cache),
data/motif-2.3.8/lib/Xm/ToggleBG.c:3271:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&(newSec->toggle_cache),
data/motif-2.3.8/lib/Xm/ToggleBG.c:3777:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &TBG_SelectColor(newcbox), value.addr, value.size);
data/motif-2.3.8/lib/Xm/ToggleBG.c:4174:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (cp, LabG_Cache(widget), labg_cache_size);
data/motif-2.3.8/lib/Xm/ToggleBG.c:4176:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (cp, TBG_Cache(widget), togglebg_cache_size);
data/motif-2.3.8/lib/Xm/Transfer.c:538:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&((char*) cs -> value)[offset], (char*) data, user_bytes);
data/motif-2.3.8/lib/Xm/Transfer.c:1114:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(malloc_ds, ds, sizeof(XmDropProcCallbackStruct));
data/motif-2.3.8/lib/Xm/TraversalI.c:1690:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rows + row, rows + row - 1, sizeof(XmTraversalRow));
data/motif-2.3.8/lib/Xm/TraversalI.c:1697:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rows + new_index, &new_data, sizeof(XmTraversalRow));
data/motif-2.3.8/lib/Xm/TraversalI.c:1713:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(list + first_free, rows[row].items,
data/motif-2.3.8/lib/Xm/TraversalI.c:2057:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &tmp,
data/motif-2.3.8/lib/Xm/TraversalI.c:2060:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) (node_list + idx + 1),
data/motif-2.3.8/lib/Xm/TraversalI.c:2063:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) (node_list + num_nodes - idx - 1),
data/motif-2.3.8/lib/Xm/TraversalI.c:2071:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) &tmp,
data/motif-2.3.8/lib/Xm/TraversalI.c:2077:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) (node_list + 1),
data/motif-2.3.8/lib/Xm/Tree.c:992:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowerName[BUFSIZ];
data/motif-2.3.8/lib/Xm/Tree.c:1049:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowerName[BUFSIZ];
data/motif-2.3.8/lib/Xm/Tree.c:1095:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lowerName[BUFSIZ];
data/motif-2.3.8/lib/Xm/TxtPropCv.c:181:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, text, char_count);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:205:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, text, char_count);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:215:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, text, char_count);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:451:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ubufptr, bufptr, size);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:546:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strcpy((char *)bufptr, useable_text[i]);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:650:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
while (elements > 0) XtFree((char *)string_table[--elements]);
data/motif-2.3.8/lib/Xm/VendorS.c:821:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)*compExtPtr, (char*)*superExtPtr,
data/motif-2.3.8/lib/Xm/VendorS.c:1542:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqSec, newSec, size);
data/motif-2.3.8/lib/Xm/VendorS.c:1802:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024], buf2[1024], header[200], *bp, *newline_pos;
data/motif-2.3.8/lib/Xm/VendorS.c:1823:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *par[10];
data/motif-2.3.8/lib/Xm/VendorS.c:1825:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)par, (char*)params, i * sizeof(String));
data/motif-2.3.8/lib/Xm/VendorS.c:1843:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (&buf2[pos], " ");
data/motif-2.3.8/lib/Xm/VendorS.c:1968:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)newExtData->oldWidget, (char *)oldExtData->widget, extSize);
data/motif-2.3.8/lib/Xm/VendorS.c:1980:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)newExtData->reqWidget, (char *)oldExtData->widget, extSize);
data/motif-2.3.8/lib/Xm/VendorSE.c:706:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( extData->reqWidget, req,
data/motif-2.3.8/lib/Xm/VirtKeys.c:842:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[256];
data/motif-2.3.8/lib/Xm/VirtKeys.c:845:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fileP = fopen (fileName, "r")) != NULL)
data/motif-2.3.8/lib/Xm/VirtKeys.c:900:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[MAXLINE];
data/motif-2.3.8/lib/Xm/VirtKeys.c:983:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen (fileName, "r")) != NULL)
data/motif-2.3.8/lib/Xm/VirtKeys.c:1007:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen (fileName, "r")) != NULL)
data/motif-2.3.8/lib/Xm/Xm.c:337:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *new_params[11];
data/motif-2.3.8/lib/Xm/Xm.c:438:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *params[1];
data/motif-2.3.8/lib/Xm/XmIm.c:1060:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[BUFSIZ];
data/motif-2.3.8/lib/Xm/XmIm.c:1586:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wchar, text->string.wide_char, text->length * sizeof(wchar_t));
data/motif-2.3.8/lib/Xm/XmIm.c:2220:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[BUFSIZ];
data/motif-2.3.8/lib/Xm/XmIm.c:2252:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(tmp,"@im=");
data/motif-2.3.8/lib/Xm/XmRenderT.c:585:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((char *)GetPtr(rend) + res->xrm_offset),
data/motif-2.3.8/lib/Xm/XmRenderT.c:1215:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)copy, (char *)GetPtr(rend), sizeof(_XmRenditionRec));
data/motif-2.3.8/lib/Xm/XmRenderT.c:1631:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)dst, (char *)src, (size_t)size);
data/motif-2.3.8/lib/Xm/XmRenderT.c:1654:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)dst, p, (size_t)size);
data/motif-2.3.8/lib/Xm/XmRenderT.c:1674:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy((char*)dst, (char*)src, (size_t)size);
data/motif-2.3.8/lib/Xm/XmRenderT.c:1687:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy((char *)*dst, (char *)src, (size_t)size);
data/motif-2.3.8/lib/Xm/XmRenderT.c:1927:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *params[1];
data/motif-2.3.8/lib/Xm/XmRenderT.c:2627:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char CVTtransfervector[256];
data/motif-2.3.8/lib/Xm/XmRenderT.c:2677:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[2048];
data/motif-2.3.8/lib/Xm/XmRenderT.c:2701:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(temp, "[ ");
data/motif-2.3.8/lib/Xm/XmRenderT.c:2706:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp + strlen(temp), " %f %d %d %d, ", tab -> value,
data/motif-2.3.8/lib/Xm/XmRenderT.c:2711:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(temp, " ], ");
data/motif-2.3.8/lib/Xm/XmRenderT.c:2720:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%ld, ", _XmRendBG(rendition));
data/motif-2.3.8/lib/Xm/XmRenderT.c:2729:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%ld, ", _XmRendFG(rendition));
data/motif-2.3.8/lib/Xm/XmRenderT.c:2738:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d, ", _XmRendUnderlineType(rendition));
data/motif-2.3.8/lib/Xm/XmRenderT.c:2747:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(temp, "%d, ", _XmRendStrikethruType(rendition));
data/motif-2.3.8/lib/Xm/XmRenderT.c:2833:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[80];
data/motif-2.3.8/lib/Xm/XmRenderT.c:3218:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *items[20];
data/motif-2.3.8/lib/Xm/XmRenderT.c:3223:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *freelater[5];
data/motif-2.3.8/lib/Xm/XmString.c:206:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static XmConst unsigned char ASNHeader[ASNHEADERLEN] = { 0xdf, 0x80, 0x06 };
data/motif-2.3.8/lib/Xm/XmString.c:638:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( uchar_p, ASNHeader, ASNHEADERLEN);
data/motif-2.3.8/lib/Xm/XmString.c:820:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)uchar_p, (char *)value, (size_t)length);
data/motif-2.3.8/lib/Xm/XmString.c:842:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (value != NULL) memcpy(value, uchar_p, *length);
data/motif-2.3.8/lib/Xm/XmString.c:901:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_XmStrText(opt_str), text, t_length);
data/motif-2.3.8/lib/Xm/XmString.c:1185:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a, tag, length);
data/motif-2.3.8/lib/Xm/XmString.c:1495:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_XmStrText((_XmString)opt_str), _XmStrText(a), a_len);
data/motif-2.3.8/lib/Xm/XmString.c:1497:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((_XmStrText((_XmString)opt_str) + a_len),
data/motif-2.3.8/lib/Xm/XmString.c:1776:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((char *)_XmEntryTextGet((_XmStringEntry)a_last)) + a_len,
data/motif-2.3.8/lib/Xm/XmString.c:3333:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text, _XmEntryTextGet(entry), len);
data/motif-2.3.8/lib/Xm/XmString.c:3399:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text, _XmEntryTextGet(entry), len);
data/motif-2.3.8/lib/Xm/XmString.c:3613:10: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (((wchar_t *)a)[(i+j)/len_a] != ((wchar_t *)b)[j/len_a]) {
data/motif-2.3.8/lib/Xm/XmString.c:3613:41: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (((wchar_t *)a)[(i+j)/len_a] != ((wchar_t *)b)[j/len_a]) {
data/motif-2.3.8/lib/Xm/XmString.c:3913:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flip_char[100]; /* but simple */
data/motif-2.3.8/lib/Xm/XmString.c:5330:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_XmStrText((_XmString)string), (c + _asn1_size(length)),
data/motif-2.3.8/lib/Xm/XmString.c:5336:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_XmStrText((_XmString)string), (c + _asn1_size(length)),
data/motif-2.3.8/lib/Xm/XmString.c:5809:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)new_entry, (char *)entry, size);
data/motif-2.3.8/lib/Xm/XmString.c:5812:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)new_entry, (char *)entry, sizeof(_XmStringOptSegRec));
data/motif-2.3.8/lib/Xm/XmString.c:5817:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)text, (char *)_XmEntryTextGet(entry), entry_len);
data/motif-2.3.8/lib/Xm/XmString.c:5827:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)new_entry, (char *)entry, sizeof(_XmStringArraySegRec));
data/motif-2.3.8/lib/Xm/XmString.c:5842:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)new_entry, (char *)entry,
data/motif-2.3.8/lib/Xm/XmString.c:5848:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)text,
data/motif-2.3.8/lib/Xm/XmString.c:6907:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(n_o_string, string,
data/motif-2.3.8/lib/Xm/XmString.c:7514:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
printf ("%c", ((char *)_XmEntryTextGet(seg))[k]);
data/motif-2.3.8/lib/Xm/XmString.c:7562:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( &OutStr[OldLen], (char *)val, len) ;
data/motif-2.3.8/lib/Xm/XmString.c:7814:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mb_text[MB_LEN_MAX];
data/motif-2.3.8/lib/Xm/XmString.c:7822:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mb_pattern[MB_LEN_MAX];
data/motif-2.3.8/lib/Xm/XmString.c:8226:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(*result + *length, c_value, c_length);
data/motif-2.3.8/lib/Xm/XmString.c:8235:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(null_text, c_value, c_length);
data/motif-2.3.8/lib/Xm/XmString.c:8250:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(null_text, c_value, c_length);
data/motif-2.3.8/lib/Xm/XmString.c:8751:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str, &opt, sizeof(_XmStringOptRec) - TEXT_BYTES_IN_STRUCT);
data/motif-2.3.8/lib/Xm/XmString.c:8752:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_XmStrText(str), value, _XmStrByteCount((_XmString)&opt));
data/motif-2.3.8/lib/Xm/XmString.c:9097:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, seg_text, char_count);
data/motif-2.3.8/lib/Xm/XmString.c:9269:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target, source, sizeof(_XmStringContextRec));
data/motif-2.3.8/lib/Xm/XmString.c:9275:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_XmStrContRendTags(target), _XmStrContRendTags(source), size);
data/motif-2.3.8/lib/Xm/XmString.c:9308:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_XmStrContRendTags(context) + _XmStrContRendCount(context),
data/motif-2.3.8/lib/Xm/XmString.c:9746:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, (str + diff), used);
data/motif-2.3.8/lib/Xm/XmStringI.h:168:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[TEXT_BYTES_IN_STRUCT];
data/motif-2.3.8/lib/Xm/XmStringI.h:295:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wchars[1];
data/motif-2.3.8/lib/Xm/XmStringI.h:296:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chars[1];
data/motif-2.3.8/lib/Xm/XmStringI.h:312:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pad2byte[2];
data/motif-2.3.8/lib/Xm/XmStringSeg.c:158:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) perm_rends,
data/motif-2.3.8/lib/Xm/XmStringSeg.c:226:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*) perm_rends,
data/motif-2.3.8/lib/Xm/XmStringSeg.c:280:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, *text, *char_count);
data/motif-2.3.8/lib/Xm/XmTabList.c:569:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
decimal = (char *)arglist[i].value;
data/motif-2.3.8/lib/Xm/XmTabList.c:639:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char *)new_tab, (char *)tab, sizeof(_XmTabRec));
data/motif-2.3.8/lib/Xm/XmTabList.c:688:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[100];
data/motif-2.3.8/lib/Xm/XmTabList.c:713:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "<Unknown units %d>", units);
data/motif-2.3.8/lib/Xm/XmTabList.c:721:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[100];
data/motif-2.3.8/lib/Xm/XmTabList.c:730:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "<Unknown model %d>", model);
data/motif-2.3.8/lib/Xm/XmTabList.c:738:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[100];
data/motif-2.3.8/lib/Xm/XmTabList.c:749:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "<Unknown alignment %d>", alignment);
data/motif-2.3.8/lib/Xm/Xmfuncs.h:38:6: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
void bcopy();
data/motif-2.3.8/lib/Xm/Xmfuncs.h:45:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(b1,b2,len) memmove(b2, b1, (size_t)(len))
data/motif-2.3.8/lib/Xm/Xmfuncs.h:54:6: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
void bcopy();
data/motif-2.3.8/lib/Xm/Xmfuncs.h:58:6: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
void bcopy();
data/motif-2.3.8/lib/Xm/Xmfuncs.h:78:30: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memmove(dst,src,len) bcopy((char *)(src),(char *)(dst),(int)(len))
data/motif-2.3.8/lib/Xm/Xmfuncs.h:85:30: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memmove(dst,src,len) bcopy((char *)(src),(char *)(dst),(int)(len))
data/motif-2.3.8/lib/Xm/Xmfuncs.h:86:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(dst,src,len) bcopy((char *)(src),(char *)(dst),(int)(len))
data/motif-2.3.8/lib/Xm/Xmfuncs.h:86:29: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memcpy(dst,src,len) bcopy((char *)(src),(char *)(dst),(int)(len))
data/motif-2.3.8/lib/Xm/Xmos.c:112:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name[1] ; /* Must be last entry in structure. */
data/motif-2.3.8/lib/Xm/Xmos.c:154:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
XtFree((char *) dirCache[--numCacheEntries]);
data/motif-2.3.8/lib/Xm/Xmos.c:232:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nameBuf[MAX_USER_NAME_LEN];
data/motif-2.3.8/lib/Xm/Xmos.c:233:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirbuf[MAX_DIR_PATH_LEN];
data/motif-2.3.8/lib/Xm/Xmos.c:1228:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stackString[MAX_DIR_PATH_LEN];
data/motif-2.3.8/lib/Xm/Xmos.c:1422:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(maskNameBuf, "_m");
data/motif-2.3.8/lib/Xm/XmosP.h:46:8: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#ifdef bcopy
data/motif-2.3.8/lib/Xm/XmosP.h:47:8: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#undef bcopy
data/motif-2.3.8/lib/Xm/XmosP.h:52:33: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define memmove( p1, p2, p3 ) bcopy( p2, p1, p3 )
data/motif-2.3.8/lib/Xm/Xmos_r.h:241:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwbuf[1024];
data/motif-2.3.8/lib/Xm/Xmos_r.h:254:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(p).pws, (p).pwp, sizeof(struct passwd));
data/motif-2.3.8/lib/Xm/Xmos_r.h:285:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy(&(p).pws, (p).pwp, sizeof(struct passwd)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:325:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwbuf[X_LINE_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:355:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwbuf[X_LINE_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:424:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char h_name[MAXHOSTNAMELEN];
data/motif-2.3.8/lib/Xm/Xmos_r.h:429:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_name[255];
data/motif-2.3.8/lib/Xm/Xmos_r.h:430:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s_proto[255];
data/motif-2.3.8/lib/Xm/Xmos_r.h:434:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy(&(hp).hent, (hp).hptr, sizeof(struct hostent)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:440:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy(&(sp).sent, (sp).sptr, sizeof(struct servent)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:482:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hbuf[X_LINE_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:487:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[X_LINE_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:575:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[_POSIX_PATH_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:577:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:579:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[255];
data/motif-2.3.8/lib/Xm/Xmos_r.h:586:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy(&((p).dir_entry), (p).result, (p).result->d_reclen), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:597:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[_POSIX_PATH_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:599:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:601:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[255];
data/motif-2.3.8/lib/Xm/Xmos_r.h:625:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy(&((p).dir_entry), (p).result, (p).result->d_reclen), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:642:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy(&((p).dir_entry), (p).result, (p).result->d_reclen), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:693:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXLOGNAME];
data/motif-2.3.8/lib/Xm/Xmos_r.h:695:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LOGIN_NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:697:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/motif-2.3.8/lib/Xm/Xmos_r.h:703:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TTY_NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:705:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[_POSIX_TTY_NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:707:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[_POSIX_PATH_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:709:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/lib/Xm/Xmos_r.h:738:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXLOGNAME];
data/motif-2.3.8/lib/Xm/Xmos_r.h:740:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LOGIN_NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:742:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/motif-2.3.8/lib/Xm/Xmos_r.h:747:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TTY_NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:749:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[_POSIX_TTY_NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:751:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[_POSIX_PATH_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:753:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/lib/Xm/Xmos_r.h:769:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAXLOGNAME];
data/motif-2.3.8/lib/Xm/Xmos_r.h:771:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[LOGIN_NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:773:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/motif-2.3.8/lib/Xm/Xmos_r.h:778:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TTY_NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:780:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[_POSIX_TTY_NAME_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:782:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[_POSIX_PATH_MAX];
data/motif-2.3.8/lib/Xm/Xmos_r.h:784:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/motif-2.3.8/lib/Xm/Xmos_r.h:887:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TIMELEN];
data/motif-2.3.8/lib/Xm/Xmos_r.h:889:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[26];
data/motif-2.3.8/lib/Xm/Xmos_r.h:914:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy(&(p).buf, (p).result, sizeof((p).buf)), (p).result = &(p).buf) : \
data/motif-2.3.8/lib/Xm/Xmos_r.h:921:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(memcpy(&(p).buf, (p).result, sizeof((p).buf)), (p).result = &(p).buf) : \
data/motif-2.3.8/lib/Xm/Xmos_r.h:935:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xatimeparams[TIMELEN];
data/motif-2.3.8/lib/Xm/Xmos_r.h:936:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xctimeparams[TIMELEN];
data/motif-2.3.8/lib/Xm/Xmos_r.h:938:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xatimeparams[26];
data/motif-2.3.8/lib/Xm/Xmos_r.h:939:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xctimeparams[26];
data/motif-2.3.8/lib/Xm/Xmos_r.h:957:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xatimeparams[TIMELEN];
data/motif-2.3.8/lib/Xm/Xmos_r.h:958:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xctimeparams[TIMELEN];
data/motif-2.3.8/lib/Xm/Xmos_r.h:960:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xatimeparams[26];
data/motif-2.3.8/lib/Xm/Xmos_r.h:961:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xctimeparams[26];
data/motif-2.3.8/lib/Xm/Xmos_r.h:985:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xatimeparams[TIMELEN];
data/motif-2.3.8/lib/Xm/Xmos_r.h:986:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xctimeparams[TIMELEN];
data/motif-2.3.8/lib/Xm/Xmos_r.h:988:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xatimeparams[26];
data/motif-2.3.8/lib/Xm/Xmos_r.h:989:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char _Xctimeparams[26];
data/motif-2.3.8/lib/Xm/Xmos_r.h:1045:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[X_LINE_MAX]; /* Should be sysconf(_SC_GETGR_R_SIZE_MAX)? */
data/motif-2.3.8/lib/Xm/Xmos_r.h:1052:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
( memcpy(&(p).grp, (p).pgrp, sizeof(struct group)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:1061:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
( memcpy(&(p).grp, (p).pgrp, sizeof(struct group)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:1086:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[X_LINE_MAX]; /* Should be sysconf(_SC_GETGR_R_SIZE_MAX)? */
data/motif-2.3.8/lib/Xm/Xmos_r.h:1099:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[X_LINE_MAX]; /* Should be sysconf(_SC_GETGR_R_SIZE_MAX)? */
data/motif-2.3.8/lib/Xm/Xmos_r.h:1119:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[X_LINE_MAX]; /* Should be sysconf(_SC_GETGR_R_SIZE_MAX)? */
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:119:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:141:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "/* XPM */\nstatic char * image_name[] = {\n");
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:170:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "\"%d %d %d %d", image->width, image->height,
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:189:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf + l, " XPMEXT");
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:197:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf + l, "\",\n");
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:263:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ptr + used_size, "};\n");
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:280:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ] = {0};
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:312:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "\",\n");
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:357:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "\",\n");
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:155:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d %d %d %d", image->width, image->height,
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:165:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, " %d %d", info->x_hotspot, info->y_hotspot);
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:171:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, " XPMEXT");
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:248:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:394:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(*dataptr, "XPMENDEXT");
data/motif-2.3.8/lib/Xm/XpmI.h:150:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#ifndef bcopy
data/motif-2.3.8/lib/Xm/XpmI.h:151:9: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/motif-2.3.8/lib/Xm/XpmI.h:151:36: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bcopy(source, dest, count) memcpy(dest, source, count)
data/motif-2.3.8/lib/Xm/XpmI.h:206:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Comment[XPMMAXCMTLEN];
data/motif-2.3.8/lib/Xm/XpmRdFToBuf.c:78:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename, O_RDONLY);
data/motif-2.3.8/lib/Xm/XpmRdFToBuf.c:80:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(filename, O_RDONLY, NULL);
data/motif-2.3.8/lib/Xm/XpmRdFToI.c:144:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *compressfile, buf[(2*MAXPATHLEN) + 1];
data/motif-2.3.8/lib/Xm/XpmRdFToI.c:197:34: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(mdata->stream.file = fopen(filename, "r"))) {
data/motif-2.3.8/lib/Xm/XpmWrFFrBuf.c:51:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, "w");
data/motif-2.3.8/lib/Xm/XpmWrFFrI.c:103:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name, *dot, *s, new_name[BUFSIZ] = {0};
data/motif-2.3.8/lib/Xm/XpmWrFFrI.c:314:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/XpmWrFFrI.c:342:33: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(mdata->stream.file = fopen(filename, "w")))
data/motif-2.3.8/lib/Xm/Xpmcreate.c:991:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _reverse_byte[0x100] = {
data/motif-2.3.8/lib/Xm/Xpmcreate.c:1109:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _lomask[0x09] = {
data/motif-2.3.8/lib/Xm/Xpmcreate.c:1111:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char Const _himask[0x09] = {
data/motif-2.3.8/lib/Xm/Xpmcreate.c:2353:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/Xpmdata.c:244:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/Xpmdata.c:411:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ+1] = {0};
data/motif-2.3.8/lib/Xm/Xpmparse.c:239:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ + 1];
data/motif-2.3.8/lib/Xm/Xpmparse.c:351:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ + 1];
data/motif-2.3.8/lib/Xm/Xpmparse.c:352:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char curbuf[BUFSIZ]; /* current buffer */
data/motif-2.3.8/lib/Xm/Xpmparse.c:420:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, curbuf, len);
data/motif-2.3.8/lib/Xm/Xpmparse.c:447:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, curbuf, len);
data/motif-2.3.8/lib/Xm/Xpmparse.c:502:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, curbuf, len);
data/motif-2.3.8/lib/Xm/Xpmparse.c:637:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/Xpmrgb.c:69:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[512], name[512], *rgbname, *s1, *s2;
data/motif-2.3.8/lib/Xm/Xpmrgb.c:73:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((rgbf = fopen(rgb_fname, "r")) == NULL)
data/motif-2.3.8/lib/Xm/Xpmscan.c:507:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
adefaults = (char **) oldColorTable[j];
data/motif-2.3.8/lib/Xm/Xpmscan.c:529:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZ];
data/motif-2.3.8/lib/Xm/Xpmscan.c:531:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "#%04X%04X%04X",
data/motif-2.3.8/lib/Xm/Xpmscan.c:534:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "#%02x%02x%02x",
data/motif-2.3.8/localized/util/mkcatdefs.c:66:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char inname [PATH_MAX];
data/motif-2.3.8/localized/util/mkcatdefs.c:67:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char outname [PATH_MAX];
data/motif-2.3.8/localized/util/mkcatdefs.c:68:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char catname [PATH_MAX];
data/motif-2.3.8/localized/util/mkcatdefs.c:137:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((outfp = fopen (outname, "w")) == NULL) {
data/motif-2.3.8/localized/util/mkcatdefs.c:156:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
} else sprintf (outname, "msg.h");
data/motif-2.3.8/localized/util/mkcatdefs.c:173:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(inname,"stdin");
data/motif-2.3.8/localized/util/mkcatdefs.c:177:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((descfile = fopen(inname,"r")) == NULL) {
data/motif-2.3.8/localized/util/mkcatdefs.c:231:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgname [PATH_MAX];
data/motif-2.3.8/localized/util/mkcatdefs.c:232:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line [MAXLINELEN];
data/motif-2.3.8/localized/util/mkcatdefs.c:292:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char setname [MAXIDLEN];
data/motif-2.3.8/localized/util/mkcatdefs.c:307:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
n = atoi (setname);
data/motif-2.3.8/localized/util/mkcatdefs.c:360:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgname [MAXIDLEN];
data/motif-2.3.8/localized/util/mkcatdefs.c:413:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
n = atoi (msgname);
data/motif-2.3.8/localized/util/mkmsgcat.c:32:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/motif-2.3.8/localized/util/mkmsgcat.c:111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, *q, setname[32], messagename[64];
data/motif-2.3.8/localized/util/mkmsgcat.c:114:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header_name[32], catalog_name[32];
data/motif-2.3.8/localized/util/mkmsgcat.c:125:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(header_name, "MsgI.h");
data/motif-2.3.8/localized/util/mkmsgcat.c:127:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
header = fopen(header_name, "w");
data/motif-2.3.8/localized/util/mkmsgcat.c:130:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(catalog_name, ".msg");
data/motif-2.3.8/localized/util/mkmsgcat.c:132:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
catalog = fopen(catalog_name, "w");
data/motif-2.3.8/localized/util/mkmsgcat.c:134:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
source = fopen(source_file_name, "r");
data/motif-2.3.8/localized/util/mkmsgcat.c:212:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subs[11];
data/motif-2.3.8/localized/util/mkmsgcat.c:223:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(subs, "Msg");
data/motif-2.3.8/tools/wml/wml.c:192:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( (fd=open(argv[1],O_RDONLY)) == -1 )
data/motif-2.3.8/tools/wml/wmldbcreate.c:99:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outfilename[80];
data/motif-2.3.8/tools/wml/wmldbcreate.c:100:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char debugfilename[80];
data/motif-2.3.8/tools/wml/wmldbcreate.c:108:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(outfilename, "motif.wmd");
data/motif-2.3.8/tools/wml/wmldbcreate.c:109:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(debugfilename, "motif.dbg");
data/motif-2.3.8/tools/wml/wmldbcreate.c:123:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bfile = fopen(outfilename, "w");
data/motif-2.3.8/tools/wml/wmldbcreate.c:131:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
afile = fopen(debugfilename, "w");
data/motif-2.3.8/tools/wml/wmllex.c:731:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yystringval[BUF_SIZE]; /* any string value */
data/motif-2.3.8/tools/wml/wmllex.c:732:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yynameval[BUF_SIZE]; /* any identifier (name) */
data/motif-2.3.8/tools/wml/wmlouth.c:216:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ("UilSymGen.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:370:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "UilSymChCl.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:437:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "UilSymArTy.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:500:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "UilSymRArg.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:612:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "UilUrmClas.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:766:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maskbuf[100]; /* to constuct each mask */
data/motif-2.3.8/tools/wml/wmlouth.c:772:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "UilConst.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:861:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maskbuf[500]; /* current mask buffer */
data/motif-2.3.8/tools/wml/wmlouth.c:862:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itembuf[100]; /* for current item */
data/motif-2.3.8/tools/wml/wmlouth.c:869:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "UilSymReas.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:906:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (maskbuf, "\n ");
data/motif-2.3.8/tools/wml/wmlouth.c:987:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maskbuf[500]; /* current mask buffer */
data/motif-2.3.8/tools/wml/wmlouth.c:988:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itembuf[100]; /* for current item */
data/motif-2.3.8/tools/wml/wmlouth.c:995:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "UilSymArTa.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:1032:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (maskbuf, "\n ");
data/motif-2.3.8/tools/wml/wmlouth.c:1112:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maskbuf[500]; /* current mask buffer */
data/motif-2.3.8/tools/wml/wmlouth.c:1113:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itembuf[100]; /* for current item */
data/motif-2.3.8/tools/wml/wmlouth.c:1120:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "UilSymChTa.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:1155:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (maskbuf, "\n ");
data/motif-2.3.8/tools/wml/wmlouth.c:1234:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char maskbuf[500]; /* current mask buffer */
data/motif-2.3.8/tools/wml/wmlouth.c:1235:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char itembuf[100]; /* for current item */
data/motif-2.3.8/tools/wml/wmlouth.c:1242:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "UilSymCtl.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:1277:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (maskbuf, "\n ");
data/motif-2.3.8/tools/wml/wmlouth.c:1429:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "UilSymNam.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:1612:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ("UilSymEnum.h", "w");
data/motif-2.3.8/tools/wml/wmlouth.c:1798:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uname[200]; /* name converted to upper case */
data/motif-2.3.8/tools/wml/wmlouth.c:1804:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ("UilSymCSet.h", "w");
data/motif-2.3.8/tools/wml/wmloutkey.c:165:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char token[100]; /* current token */
data/motif-2.3.8/tools/wml/wmloutkey.c:166:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char class[100]; /* current class */
data/motif-2.3.8/tools/wml/wmloutkey.c:170:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sens_name[100]; /* for case-insensitive name */
data/motif-2.3.8/tools/wml/wmloutkey.c:187:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infil = fopen ("tokens.dat", "r");
data/motif-2.3.8/tools/wml/wmloutkey.c:240:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sens_name, "true");
data/motif-2.3.8/tools/wml/wmloutkey.c:242:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sens_name, "false");
data/motif-2.3.8/tools/wml/wmloutkey.c:244:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sens_name, "file");
data/motif-2.3.8/tools/wml/wmloutkey.c:246:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (sens_name, "eof");
data/motif-2.3.8/tools/wml/wmloutkey.c:498:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char insens_name[100];
data/motif-2.3.8/tools/wml/wmloutkey.c:565:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ("UilKeyTab.h", "w");
data/motif-2.3.8/tools/wml/wmloutkey.c:606:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tkclass[100]; /* token class string */
data/motif-2.3.8/tools/wml/wmloutkey.c:607:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tksym[100]; /* token sym_k string */
data/motif-2.3.8/tools/wml/wmloutkey.c:608:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tktoken[100]; /* token tkn_k_num string */
data/motif-2.3.8/tools/wml/wmloutkey.c:648:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "tkn_k_class_argument");
data/motif-2.3.8/tools/wml/wmloutkey.c:651:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "tkn_k_class_charset");
data/motif-2.3.8/tools/wml/wmloutkey.c:654:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "tkn_k_class_enumval");
data/motif-2.3.8/tools/wml/wmloutkey.c:657:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "tkn_k_class_keyword");
data/motif-2.3.8/tools/wml/wmloutkey.c:660:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "tkn_k_class_reason");
data/motif-2.3.8/tools/wml/wmloutkey.c:663:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "tkn_k_class_reserved");
data/motif-2.3.8/tools/wml/wmloutkey.c:666:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "tkn_k_class_class");
data/motif-2.3.8/tools/wml/wmloutkey.c:669:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "tkn_k_class_child");
data/motif-2.3.8/tools/wml/wmloutkey.c:746:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "ARGUMENT_NAME");
data/motif-2.3.8/tools/wml/wmloutkey.c:749:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "CHARSET_NAME");
data/motif-2.3.8/tools/wml/wmloutkey.c:752:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "ENUMVAL_NAME");
data/motif-2.3.8/tools/wml/wmloutkey.c:755:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "REASON_NAME");
data/motif-2.3.8/tools/wml/wmloutkey.c:763:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "CLASS_NAME");
data/motif-2.3.8/tools/wml/wmloutkey.c:766:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dststg, "CHILD_NAME");
data/motif-2.3.8/tools/wml/wmloutkey.c:803:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ("UilTokName.h", "w");
data/motif-2.3.8/tools/wml/wmloutmm.c:114:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ("wml-uil.mm", "w");
data/motif-2.3.8/tools/wml/wmlresolve.c:457:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[300];
data/motif-2.3.8/tools/wml/wmlresolve.c:532:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[300];
data/motif-2.3.8/tools/wml/wmlresolve.c:652:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[300];
data/motif-2.3.8/tools/wml/wmlresolve.c:816:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[300];
data/motif-2.3.8/tools/wml/wmlresolve.c:908:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[300];
data/motif-2.3.8/tools/wml/wmlresolve.c:1314:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfil = fopen ( "wml.report", "w");
data/motif-2.3.8/tools/wml/wmlresolve.c:1741:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errmsg[300];
data/motif-2.3.8/tools/wml/wmluiltok.c:540:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * syn[MAX_SYN];
data/motif-2.3.8/clients/mwm/WmCmd.c:2209:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += sizeof (CARD16) + ((strlen(menu_item->label) + 1) * sizeof(CARD8)); /*itemName */
data/motif-2.3.8/clients/mwm/WmCmd.c:2257:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += sizeof (CARD16) + (strlen(menu_item->label + 1) * sizeof(CARD8)); /*itemName */
data/motif-2.3.8/clients/mwm/WmCmd.c:2312:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += sizeof (CARD16) + ((strlen(menu_item->label) + 1) * sizeof(CARD8)); /*itemName */
data/motif-2.3.8/clients/mwm/WmError.c:119:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((pchErrorFormat[i] = (char *) XtMalloc (1+strlen(buffer))) == NULL)
data/motif-2.3.8/clients/mwm/WmEvent.c:2078:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(DTWM_REQ_CHANGE_BACKDROP)))
data/motif-2.3.8/clients/mwm/WmEvent.c:2092:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pchFile = (char *) XtMalloc (1+strlen(pch));
data/motif-2.3.8/clients/mwm/WmFeedback.c:101:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmFeedback.c:113:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmFeedback.c:132:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmFeedback.c:172:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmFeedback.c:270:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(DEFAULT_POSITION_STRING), &direction, &ascent,
data/motif-2.3.8/clients/mwm/WmFeedback.c:470:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pSD->fbLocation, strlen(pSD->fbLocation));
data/motif-2.3.8/clients/mwm/WmFeedback.c:477:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pSD->fbSize, strlen(pSD->fbSize));
data/motif-2.3.8/clients/mwm/WmFeedback.c:616:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(pSD->fbLocation), &direction, &ascent,
data/motif-2.3.8/clients/mwm/WmFeedback.c:625:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(pSD->fbSize), &direction, &ascent,
data/motif-2.3.8/clients/mwm/WmFunction.c:430:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(args) - 2; /* subtract '\n' and NULL */
data/motif-2.3.8/clients/mwm/WmFunction.c:435:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/motif-2.3.8/clients/mwm/WmFunction.c:3931:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(args) - 2; /* subtract '\n' and NULL */
data/motif-2.3.8/clients/mwm/WmFunction.c:3936:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/motif-2.3.8/clients/mwm/WmGraphics.c:884:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
textWidth = XTextWidth(pfs, str, strlen(str));
data/motif-2.3.8/clients/mwm/WmGraphics.c:889:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str, strlen(str));
data/motif-2.3.8/clients/mwm/WmGraphics.c:901:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str, strlen(str));
data/motif-2.3.8/clients/mwm/WmImage.c:187:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fullPathName = (char*) XtMalloc(strlen(wmGD.bitmapDirectory) +
data/motif-2.3.8/clients/mwm/WmImage.c:188:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(iconName) + 2);
data/motif-2.3.8/clients/mwm/WmImage.c:837:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XtMalloc ((unsigned int)(strlen (path) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmImage.c:950:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (fileName, &(string[1]), MAXWMPATH - strlen (fileName));
data/motif-2.3.8/clients/mwm/WmImage.c:950:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat (fileName, &(string[1]), MAXWMPATH - strlen (fileName));
data/motif-2.3.8/clients/mwm/WmImage.c:972:13: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (fileName, &wmGD.bitmapDirectory[1],
data/motif-2.3.8/clients/mwm/WmImage.c:973:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAXWMPATH - strlen (fileName));
data/motif-2.3.8/clients/mwm/WmImage.c:977:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat (fileName, "/", MAXWMPATH - strlen (fileName));
data/motif-2.3.8/clients/mwm/WmImage.c:977:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat (fileName, "/", MAXWMPATH - strlen (fileName));
data/motif-2.3.8/clients/mwm/WmImage.c:978:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (fileName, string, MAXWMPATH - strlen (fileName));
data/motif-2.3.8/clients/mwm/WmImage.c:978:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat (fileName, string, MAXWMPATH - strlen (fileName));
data/motif-2.3.8/clients/mwm/WmImage.c:1010:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fileName, retname, MAXWMPATH);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1437:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_size = strlen(buffer) + 1;
data/motif-2.3.8/clients/mwm/WmInitWs.c:1642:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(String)XtMalloc ((unsigned int) (strlen(buffer) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmInitWs.c:1700:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XtMalloc ((1+strlen(DEFAULT_WS_NAME)) * sizeof (char))) == NULL)
data/motif-2.3.8/clients/mwm/WmInitWs.c:1791:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (pchD);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1792:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pchEnd = pch + strlen(pch);
data/motif-2.3.8/clients/mwm/WmInitWs.c:1837:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (homeDir) + strlen("/.dt/backdrops") +
data/motif-2.3.8/clients/mwm/WmInitWs.c:1837:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (homeDir) + strlen("/.dt/backdrops") +
data/motif-2.3.8/clients/mwm/WmInitWs.c:1838:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (*ppchBackdropDirs) + strlen("/etc/dt/backdrops") + 3;
data/motif-2.3.8/clients/mwm/WmInitWs.c:1838:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (*ppchBackdropDirs) + strlen("/etc/dt/backdrops") + 3;
data/motif-2.3.8/clients/mwm/WmInitWs.c:1842:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (tmpptr, ":");
data/motif-2.3.8/clients/mwm/WmInitWs.c:1844:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (tmpptr, ":");
data/motif-2.3.8/clients/mwm/WmInitWs.c:1854:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (homeDir) + strlen("/.dt/backdrops") +
data/motif-2.3.8/clients/mwm/WmInitWs.c:1854:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (homeDir) + strlen("/.dt/backdrops") +
data/motif-2.3.8/clients/mwm/WmInitWs.c:1855:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (*ppchBackdropDirs) + strlen(pchD) +
data/motif-2.3.8/clients/mwm/WmInitWs.c:1855:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (*ppchBackdropDirs) + strlen(pchD) +
data/motif-2.3.8/clients/mwm/WmInitWs.c:1856:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen("/etc/dt/backdrops") + 4;
data/motif-2.3.8/clients/mwm/WmInitWs.c:1860:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (tmpptr, ":");
data/motif-2.3.8/clients/mwm/WmInitWs.c:1862:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (tmpptr, ":");
data/motif-2.3.8/clients/mwm/WmInitWs.c:1864:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (tmpptr, ":");
data/motif-2.3.8/clients/mwm/WmInitWs.c:2342:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmInitWs.c:2355:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmInitWs.c:2367:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmInitWs.c:2380:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmInitWs.c:2392:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmInitWs.c:2404:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmInitWs.c:2455:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(String)XtMalloc ((unsigned int) (strlen(buffer) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmInitWs.c:2566:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PropModeReplace, (unsigned char *) binding, strlen( binding)) ;
data/motif-2.3.8/clients/mwm/WmInitWs.c:2580:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned orig_len = strlen( repl_xref->default_name) ;
data/motif-2.3.8/clients/mwm/WmInitWs.c:2595:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned new_len = strlen( repl_xref->new_name) ;
data/motif-2.3.8/clients/mwm/WmInitWs.c:2596:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned suffix_len = strlen( ks_ptr + orig_len) ;
data/motif-2.3.8/clients/mwm/WmInitWs.c:2600:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned new_ttl_len = strlen( fixed_str) + new_len - orig_len ;
data/motif-2.3.8/clients/mwm/WmInitWs.c:2604:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen( fixed_str) ;
data/motif-2.3.8/clients/mwm/WmMain.c:267:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)(XtMalloc ((unsigned int)(strlen (argv[0]) + 1)))))
data/motif-2.3.8/clients/mwm/WmMenu.c:2104:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = (command_so_far != NULL ? strlen(command_so_far) : 0) +
data/motif-2.3.8/clients/mwm/WmMenu.c:2105:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(tree->name != NULL ? strlen(tree->name) : 0) + 4;
data/motif-2.3.8/clients/mwm/WmMenu.c:4289:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(format) + strlen(message) < (size_t) MAXWMPATH)
data/motif-2.3.8/clients/mwm/WmMenu.c:4289:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(format) + strlen(message) < (size_t) MAXWMPATH)
data/motif-2.3.8/clients/mwm/WmProperty.c:1431:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (&pch[ix], "0");
data/motif-2.3.8/clients/mwm/WmProperty.c:1546:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(pchName) + strlen (_XA_DT_WORKSPACE_INFO) + 4;
data/motif-2.3.8/clients/mwm/WmProperty.c:1546:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(pchName) + strlen (_XA_DT_WORKSPACE_INFO) + 4;
data/motif-2.3.8/clients/mwm/WmProperty.c:1550:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (pch, "_");
data/motif-2.3.8/clients/mwm/WmProperty.c:1789:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (chRequest, &property[iNext], len);
data/motif-2.3.8/clients/mwm/WmResParse.c:1457:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(String)XtMalloc ((unsigned int) (strlen((char *)string) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:1530:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((unsigned int) (strlen((char *)argv[xindex]) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:1576:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(String)XtMalloc ((unsigned int) (strlen((char *)string) + 1))) ==
data/motif-2.3.8/clients/mwm/WmResParse.c:2055:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, start, len);
data/motif-2.3.8/clients/mwm/WmResParse.c:2123:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((LANGp == NULL) || (strlen(LANGp) == 0))
data/motif-2.3.8/clients/mwm/WmResParse.c:2129:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((LANG = (char *) XtMalloc(strlen(LANGp) +1)) == NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:2168:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(cfileName, "/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2168:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, "/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2169:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2169:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2171:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, &(wmGD.configFile[1]), MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2171:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, &(wmGD.configFile[1]), MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2192:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, &(wmGD.configFile[1]),
data/motif-2.3.8/clients/mwm/WmResParse.c:2193:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2218:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (cfileName, pch, MAXWMPATH);
data/motif-2.3.8/clients/mwm/WmResParse.c:2273:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(cfileName, "/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2273:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, "/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2274:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2274:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2276:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, HOME_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2276:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, HOME_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2289:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(cfileName, "/.dt/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2289:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, "/.dt/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2293:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2293:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2295:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, LANG_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2295:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, LANG_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2300:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(cfileName, "/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2300:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, "/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2301:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2301:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2303:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, HOME_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2303:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, HOME_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2331:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, HOME_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2331:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, HOME_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2338:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, HOME_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2338:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, HOME_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2341:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, HOME_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2341:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, HOME_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2367:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, RC_CONFIG_SUBDIR, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2367:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, RC_CONFIG_SUBDIR, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2368:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2368:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2369:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, SLASH_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2369:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, SLASH_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2375:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, RC_CONFIG_SUBDIR, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2375:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, RC_CONFIG_SUBDIR, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2376:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, SLASH_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2376:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, SLASH_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2399:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(cfileName, "/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2399:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, "/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2400:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2400:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2401:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, SLASH_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2401:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, SLASH_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2406:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, RC_CONFIG_SUBDIR, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2406:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, RC_CONFIG_SUBDIR, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2407:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2407:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2408:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, SLASH_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2408:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, SLASH_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2415:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(cfileName, "/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2415:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, "/", MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2416:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2416:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, LANG, MAXWMPATH-strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2417:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, SLASH_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2417:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, SLASH_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2437:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, SLASH_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2437:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, SLASH_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2447:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, RC_DEFAULT_CONFIG_SUBDIR,
data/motif-2.3.8/clients/mwm/WmResParse.c:2448:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2449:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, SLASH_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2449:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, SLASH_DT_WMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2461:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(cfileName, SLASH_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2461:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(cfileName, SLASH_MWMRC, MAXWMPATH - strlen(cfileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:2489:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (cfileName, pch, MAXWMPATH);
data/motif-2.3.8/clients/mwm/WmResParse.c:2672:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(String)XtMalloc ((unsigned int) (strlen ((char *)string) + 1)))
data/motif-2.3.8/clients/mwm/WmResParse.c:3227:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linelen = strlen((char *)string) + strlen((char *)*linePP) + 1;
data/motif-2.3.8/clients/mwm/WmResParse.c:3227:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
linelen = strlen((char *)string) + strlen((char *)*linePP) + 1;
data/motif-2.3.8/clients/mwm/WmResParse.c:3236:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(stream, " ");
data/motif-2.3.8/clients/mwm/WmResParse.c:3508:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XtMalloc ((unsigned int)(strlen ((char *)string) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResParse.c:3801:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(menuItem->clientCommandName, (char *) lineP,
data/motif-2.3.8/clients/mwm/WmResParse.c:3803:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
menuItem->clientCommandName[strlen(menuItem->clientCommandName)+1] = '\0';
data/motif-2.3.8/clients/mwm/WmResParse.c:4000:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((len = strlen ((char *)string)) != 0)
data/motif-2.3.8/clients/mwm/WmResParse.c:4112:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen ((char *)string);
data/motif-2.3.8/clients/mwm/WmResParse.c:4302:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy ((char *)grpStr, (char *)startP, len);
data/motif-2.3.8/clients/mwm/WmResParse.c:4836:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy ((char *)ctxStr, (char *)startP, len);
data/motif-2.3.8/clients/mwm/WmResParse.c:5292:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen((char *)string) - 2;
data/motif-2.3.8/clients/mwm/WmResParse.c:5300:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen((char *)string) - 2;
data/motif-2.3.8/clients/mwm/WmResParse.c:6050:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy ((char *)modStr, (char *)startP, len);
data/motif-2.3.8/clients/mwm/WmResParse.c:6233:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = (String) XtMalloc(strlen(menuItem->label) + 3);
data/motif-2.3.8/clients/mwm/WmResParse.c:6241:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = (String) XtMalloc(strlen(menuItem->label) + 2);
data/motif-2.3.8/clients/mwm/WmResParse.c:6252:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = (String) XtMalloc(strlen(menuItem->label) + 3);
data/motif-2.3.8/clients/mwm/WmResParse.c:6262:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = (String) XtMalloc(strlen(menuItem->label) + 2);
data/motif-2.3.8/clients/mwm/WmResParse.c:6321:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy ((char *)eventTypeStr, (char *)startP, len);
data/motif-2.3.8/clients/mwm/WmResParse.c:6442:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy (keySymName, (char *)startP, len);
data/motif-2.3.8/clients/mwm/WmResParse.c:7096:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lenSub = strlen((char *)pchSub);
data/motif-2.3.8/clients/mwm/WmResParse.c:7261:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
1 + strlen((char *)string))))
data/motif-2.3.8/clients/mwm/WmResParse.c:7280:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lastLen = 1 + strlen((char *)wmGD.screenNames[0]);
data/motif-2.3.8/clients/mwm/WmResParse.c:7331:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(fileName, "/", MAXWMPATH-strlen(fileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:7331:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(fileName, "/", MAXWMPATH-strlen(fileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:7332:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(fileName, MOTIF_BINDINGS_FILE, MAXWMPATH-strlen(fileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:7332:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(fileName, MOTIF_BINDINGS_FILE, MAXWMPATH-strlen(fileName));
data/motif-2.3.8/clients/mwm/WmResParse.c:7381:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned char *)bindings, strlen(bindings));
data/motif-2.3.8/clients/mwm/WmResParse.c:7489:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
totLen += 5 + strlen(sClientName) + 1;
data/motif-2.3.8/clients/mwm/WmResParse.c:7494:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
totLen += 1 + 6 + strlen(sTitle) + 1;
data/motif-2.3.8/clients/mwm/WmResParse.c:7512:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (pAP->szExecParms, ",");
data/motif-2.3.8/clients/mwm/WmResParse.c:7979:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XtMalloc(1 + strlen((char *)string)))
data/motif-2.3.8/clients/mwm/WmResParse.c:8003:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XtRealloc (pch, (1+strlen((char *)string)));
data/motif-2.3.8/clients/mwm/WmResParse.c:8094:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (pchCmd, " ");
data/motif-2.3.8/clients/mwm/WmResParse.c:8096:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (pchCmd, " ");
data/motif-2.3.8/clients/mwm/WmResParse.c:8216:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (host_part) + 1 +
data/motif-2.3.8/clients/mwm/WmResParse.c:8217:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (homeDir) + strlen (file_part) + 1;
data/motif-2.3.8/clients/mwm/WmResParse.c:8217:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (homeDir) + strlen (file_part) + 1;
data/motif-2.3.8/clients/mwm/WmResParse.c:8221:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pch += strlen (pch) + 1;
data/motif-2.3.8/clients/mwm/WmResParse.c:8279:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (homeDir) + strlen (pchFile) + 1;
data/motif-2.3.8/clients/mwm/WmResParse.c:8279:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (homeDir) + strlen (pchFile) + 1;
data/motif-2.3.8/clients/mwm/WmResource.c:210:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:228:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:246:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:264:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:282:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:300:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:318:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:333:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:348:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:364:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:399:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dsm, "\n");
data/motif-2.3.8/clients/mwm/WmResource.c:401:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dsm, "\n");
data/motif-2.3.8/clients/mwm/WmResource.c:403:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dsm, "\n");
data/motif-2.3.8/clients/mwm/WmResource.c:405:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dsm, "\n");
data/motif-2.3.8/clients/mwm/WmResource.c:407:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dsm, "\n");
data/motif-2.3.8/clients/mwm/WmResource.c:409:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dsm, "\n");
data/motif-2.3.8/clients/mwm/WmResource.c:415:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dsm, "\n");
data/motif-2.3.8/clients/mwm/WmResource.c:417:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dsm, "\n");
data/motif-2.3.8/clients/mwm/WmResource.c:419:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dsm, "\n");
data/motif-2.3.8/clients/mwm/WmResource.c:427:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(dsm) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:3320:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
WmRealloc ((char*)wmGD.screenNames[sNum], strlen((char*)string)+1)))
data/motif-2.3.8/clients/mwm/WmResource.c:3344:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen((char *)string)+1)))
data/motif-2.3.8/clients/mwm/WmResource.c:4128:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat((char *)wmGD.tmpBuffer, s1, count);
data/motif-2.3.8/clients/mwm/WmResource.c:4129:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count -= strlen(s1);
data/motif-2.3.8/clients/mwm/WmResource.c:4134:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat ((char *)wmGD.tmpBuffer, "*", count);
data/motif-2.3.8/clients/mwm/WmResource.c:4136:6: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat ((char *)wmGD.tmpBuffer, s2, count);
data/motif-2.3.8/clients/mwm/WmResource.c:4137:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count -= strlen (s2);
data/motif-2.3.8/clients/mwm/WmResource.c:4141:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat ((char *)wmGD.tmpBuffer, "*", count);
data/motif-2.3.8/clients/mwm/WmResource.c:4143:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat ((char *)wmGD.tmpBuffer, s3, count);
data/motif-2.3.8/clients/mwm/WmResource.c:4144:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count -= strlen (s3);
data/motif-2.3.8/clients/mwm/WmResource.c:4148:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat ((char *)wmGD.tmpBuffer, "*", count);
data/motif-2.3.8/clients/mwm/WmResource.c:4150:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat ((char *)wmGD.tmpBuffer, s4, count);
data/motif-2.3.8/clients/mwm/WmResource.c:5168:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(pwsI->name = (String) XtMalloc (1+strlen((char *)string))))
data/motif-2.3.8/clients/mwm/WmResource.c:5351:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc ((unsigned int) (strlen(tmpString) + 1))) == NULL)
data/motif-2.3.8/clients/mwm/WmResource.c:5378:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XtMalloc (1+strlen((char *)pch1))))
data/motif-2.3.8/clients/mwm/WmResource.c:6305:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = (char *) XtMalloc(strlen(builtinKeyBindings) +
data/motif-2.3.8/clients/mwm/WmResource.c:6306:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(pSD->rootMenu) + 1);
data/motif-2.3.8/clients/mwm/WmResource.c:6357:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = (char *) XtMalloc(strlen(builtinButtonBindings) +
data/motif-2.3.8/clients/mwm/WmResource.c:6358:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(pSD->rootMenu) + 1);
data/motif-2.3.8/clients/mwm/WmWinInfo.c:2220:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wmNameProp->value == 0 || strlen((char *)wmNameProp->value) == 0)
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:67:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = str + strlen(str);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:74:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:79:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr, "\n");
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:86:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:91:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr, "\n");
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:105:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:138:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = str + strlen(str);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:149:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:154:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr, "\n");
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:163:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:177:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:220:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(str);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:269:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(str);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:290:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, "\n");
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:314:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(str);
data/motif-2.3.8/clients/mwm/WmWsmLib/debug.c:335:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(str);
data/motif-2.3.8/clients/mwm/WmWsmLib/pack.c:177:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += (strlen(request->extensions.extension_suggestions[i]) +
data/motif-2.3.8/clients/mwm/WmWsmLib/pack.c:331:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += (strlen(reply->extensions.extensions[i]) + COUNT_SIZE);
data/motif-2.3.8/clients/mwm/WmWsmLib/pack.c:342:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(XrmQuarkToString(attr[i].nameq)) * sizeof(CARD8);
data/motif-2.3.8/clients/mwm/WmWsmLib/pack.c:354:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(XrmQuarkToString(attr[i].nameq)) * sizeof(CARD8);
data/motif-2.3.8/clients/mwm/WmWsmLib/pack.c:366:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(XrmQuarkToString(attr[i].nameq)) * sizeof(CARD8);
data/motif-2.3.8/clients/mwm/WmWsmLib/pack.c:853:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
register int i, len = strlen(str);
data/motif-2.3.8/clients/mwm/WmXSMP.c:276:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(savePath) + strlen(dtwmFileName) + 2 < MAXPATHLEN)
data/motif-2.3.8/clients/mwm/WmXSMP.c:276:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(savePath) + strlen(dtwmFileName) + 2 < MAXPATHLEN)
data/motif-2.3.8/clients/mwm/WmXSMP.c:286:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int)strlen(savePath) < MAXPATHLEN)
data/motif-2.3.8/clients/mwm/WmXSMP.c:329:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc((strlen(*argP) + 1 +
data/motif-2.3.8/clients/mwm/WmXSMP.c:346:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc((strlen(wmGD.sessionClientDB) + 1 +
data/motif-2.3.8/clients/mwm/WmXSMP.c:359:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc((strlen(homeDir) + strlen(dtwmFileName) + 2 +
data/motif-2.3.8/clients/mwm/WmXSMP.c:359:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *)XtMalloc((strlen(homeDir) + strlen(dtwmFileName) + 2 +
data/motif-2.3.8/clients/mwm/WmXSMP.c:508:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pLen = strlen(wsNameP) + 1; /* 1 for null termination */
data/motif-2.3.8/clients/mwm/WmXSMP.c:517:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pLen += strlen(wsNameP) + 1; /* 1 for space */
data/motif-2.3.8/clients/mwm/WmXSMP.c:525:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cwsP, " ");
data/motif-2.3.8/clients/mwm/WmXSMP.c:1151:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(resourceBuf, ":");
data/motif-2.3.8/clients/uil/UilCmd.c:331:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Uil_cmd_z_command.ac_resource_file = XtMalloc (strlen ("a.uid") + 1);
data/motif-2.3.8/clients/uil/UilDB.c:840:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strcmp (&Uil_cmd_z_command.ac_database[strlen(Uil_cmd_z_command.ac_database)-4],".wmd") != 0 )
data/motif-2.3.8/clients/uil/UilDB.c:912:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outptr = XtMalloc (strlen(ptr) + 2);
data/motif-2.3.8/clients/uil/UilDB.c:914:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (outptr, "/");
data/motif-2.3.8/clients/uil/UilDB.c:977:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wmd_path = XtMalloc(strlen(ABSOLUTE_PATH));
data/motif-2.3.8/clients/uil/UilDB.c:989:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wmd_path = XtCalloc(1, 2*strlen(homedir) +
data/motif-2.3.8/clients/uil/UilDB.c:990:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(libdir) + strlen(incdir) +
data/motif-2.3.8/clients/uil/UilDB.c:990:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(libdir) + strlen(incdir) +
data/motif-2.3.8/clients/uil/UilDB.c:991:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(WMDPATH_DEFAULT));
data/motif-2.3.8/clients/uil/UilDB.c:997:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wmd_path = XtCalloc(1, 1*strlen(old_path) + 2*strlen(homedir) +
data/motif-2.3.8/clients/uil/UilDB.c:997:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wmd_path = XtCalloc(1, 1*strlen(old_path) + 2*strlen(homedir) +
data/motif-2.3.8/clients/uil/UilDB.c:998:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(libdir) + strlen(incdir) +
data/motif-2.3.8/clients/uil/UilDB.c:998:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(libdir) + strlen(incdir) +
data/motif-2.3.8/clients/uil/UilDB.c:999:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(XAPPLRES_DEFAULT));
data/motif-2.3.8/clients/uil/UilDB.c:1008:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wmd_path = XtMalloc(strlen(path) + 1);
data/motif-2.3.8/clients/uil/UilDiags.c:325:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
( (unsigned char *)src_buffer, strlen( src_buffer ), 0 );
data/motif-2.3.8/clients/uil/UilLexAna.c:1249:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_text[strlen((char *)az_current_lex_buffer->c_text)] = '\n';
data/motif-2.3.8/clients/uil/UilLexAna.c:1581:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = (int)strlen((char *)az_current_lex_buffer->c_text)+1;
data/motif-2.3.8/clients/uil/UilLexAna.c:1582:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((size + (int)strlen (comment_text)) >= comment_size)
data/motif-2.3.8/clients/uil/UilLexAna.c:1584:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
comment_text = XtRealloc(comment_text, INCR_COMMENT_SIZE + strlen(comment_text));
data/motif-2.3.8/clients/uil/UilLexAna.c:1585:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
comment_size = INCR_COMMENT_SIZE + strlen (comment_text);
data/motif-2.3.8/clients/uil/UilLexAna.c:1589:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (comment_text, "\n");
data/motif-2.3.8/clients/uil/UilLstLst.c:451:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
src_ptr = &(src_buffer[ strlen( src_buffer ) ]);
data/motif-2.3.8/clients/uil/UilLstLst.c:460:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lex_filter_unprintable_chars( (unsigned char*)src_ptr, strlen( src_ptr ), 0 );
data/motif-2.3.8/clients/uil/UilLstLst.c:696:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_len = strlen ((char *)text_ptr);
data/motif-2.3.8/clients/uil/UilLstLst.c:1006:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (count == strlen( ptr ))
data/motif-2.3.8/clients/uil/UilLstMac.c:410:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (ptr) + 1, ptr, NULL );
data/motif-2.3.8/clients/uil/UilLstMac.c:523:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
& buffer [strlen (buffer)]);
data/motif-2.3.8/clients/uil/UilLstMac.c:1222:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(t_rec->index), t_rec->index,
data/motif-2.3.8/clients/uil/UilP2Out.c:1406:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(sem_charset_name(value_entry->b_charset,
data/motif-2.3.8/clients/uil/UilP2Out.c:1408:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ 1 + strlen(value_entry->value.c_value) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:1573:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(sem_charset_name(font_value->b_charset,
data/motif-2.3.8/clients/uil/UilP2Out.c:1575:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ 1 + strlen(font_value->value.c_value) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:1695:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_len = strlen(charset_name) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:1920:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_len = strlen(charset_name) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:1925:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_len = strlen(font_value->value.c_value) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:3122:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(arg_index)+1;
data/motif-2.3.8/clients/uil/UilP2Out.c:3242:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
desc->size = strlen( arg_index ) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:3323:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen( arg_index ) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:3469:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
desc->size = strlen( arg_index ) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:3789:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
arg_value_size += strlen(uil_argument_toolkit_names[i]) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:3810:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
arg_value_size += strlen(uil_reason_toolkit_names[i]) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:3824:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
arg_value_size += strlen(uil_child_names[i]) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:3884:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(uil_argument_toolkit_names[i]) + 1);
data/motif-2.3.8/clients/uil/UilP2Out.c:3886:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_offset += (strlen(uil_argument_toolkit_names[i]) + 1);
data/motif-2.3.8/clients/uil/UilP2Out.c:3897:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(uil_reason_toolkit_names[i]) + 1);
data/motif-2.3.8/clients/uil/UilP2Out.c:3900:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_offset += (strlen(uil_reason_toolkit_names[i]) + 1);
data/motif-2.3.8/clients/uil/UilP2Out.c:3912:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(AUTO_CHILD_PREFIX)) == 0)
data/motif-2.3.8/clients/uil/UilP2Out.c:3913:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = (uil_child_names[i] + strlen(AUTO_CHILD_PREFIX));
data/motif-2.3.8/clients/uil/UilP2Out.c:3916:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
_move( &(arg_buffer[text_offset]), name, strlen(name) + 1);
data/motif-2.3.8/clients/uil/UilP2Out.c:3918:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_offset += (strlen(name) + 1);
data/motif-2.3.8/clients/uil/UilP2Out.c:3963:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
class_value_size += strlen(uil_widget_funcs[i]) + 1;
data/motif-2.3.8/clients/uil/UilP2Out.c:4022:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(uil_widget_funcs[i]) + 1);
data/motif-2.3.8/clients/uil/UilP2Out.c:4025:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_offset += (strlen(uil_widget_funcs[i]) + 1);
data/motif-2.3.8/clients/uil/UilSarComp.c:733:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
az_keyword_entry = key_find_keyword(strlen(DEFAULT_TAG), DEFAULT_TAG);
data/motif-2.3.8/clients/uil/UilSarObj.c:155:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
object->obj_header.az_comment = (char *)_get_memory(strlen(comment_text)+1);
data/motif-2.3.8/clients/uil/UilSarVal.c:1624:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cstr_r = XmStringComponentCreate(type, strlen(_MOTIF_DEFAULT_LOCALE),
data/motif-2.3.8/clients/uil/UilSarVal.c:1670:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cstr_r = XmStringComponentCreate(type, strlen(str), (XtPointer)str);
data/motif-2.3.8/clients/uil/UilSemCSet.c:279:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( ndx=0 ; ndx<(int)strlen(uname) ; ndx++ )
data/motif-2.3.8/clients/uil/UilSrcSrc.c:615:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, c_file_name, sizeof(buffer));
data/motif-2.3.8/clients/uil/UilSrcSrc.c:629:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (len = strlen (c_file_name),
data/motif-2.3.8/clients/uil/UilSrcSrc.c:660:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_file_name, strlen (c_file_name) + 1); /* + NULL */
data/motif-2.3.8/clients/uil/UilSrcSrc.c:681:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inc_dir_len = strlen (Uil_cmd_z_command.ac_include_dir[i]);
data/motif-2.3.8/clients/uil/UilSrcSrc.c:695:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_file_name, strlen (c_file_name) + 1); /* + NULL */
data/motif-2.3.8/clients/uil/UilSrcSrc.c:710:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_file_name, strlen (c_file_name) + 1); /* + NULL */
data/motif-2.3.8/clients/uil/UilSrcSrc.c:1147:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l_msg_length = strlen( c_msg_text ) + 1; /* includes null */
data/motif-2.3.8/clients/uil/UilSrcSrc.c:1241:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l_text_len = strlen( c_text ) + 1; /* includes null */
data/motif-2.3.8/clients/uil/UilSymNam.c:382:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)al_value, c_value, l_length);
data/motif-2.3.8/clients/xmbind/xmbind.c:70:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned char *)bindings, strlen(bindings));
data/motif-2.3.8/config/util/checktree.c:85:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fn[strlen(fn) - 1] == '~')
data/motif-2.3.8/config/util/checktree.c:155:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(dp->d_name);
data/motif-2.3.8/config/util/checktree.c:235:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = dir + strlen(dir);
data/motif-2.3.8/config/util/checktree.c:276:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = (char *)malloc(strlen(dp->d_name) + 1);
data/motif-2.3.8/config/util/checktree.c:340:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf, ".");
data/motif-2.3.8/config/util/lndir.c:209:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = buf + strlen (buf);
data/motif-2.3.8/config/util/lndir.c:213:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (dp->d_name[strlen(dp->d_name) - 1] == '~')
data/motif-2.3.8/config/util/makestrs.c:212:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int magic_string_len = strlen (magic_string);
data/motif-2.3.8/config/util/makestrs.c:259:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((fileprotstr = malloc (strlen (phile->name) + 3)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:263:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((fileprotstr = malloc (strlen (phile->name) + strlen (prefixstr) + 3)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:263:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((fileprotstr = malloc (strlen (phile->name) + strlen (prefixstr) + 3)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:467:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp (buf, file_str, strlen (file_str)) == 0)
data/motif-2.3.8/config/util/makestrs.c:469:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp (buf, table_str, strlen (table_str)) == 0)
data/motif-2.3.8/config/util/makestrs.c:471:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp (buf, prefix_str, strlen (prefix_str)) == 0)
data/motif-2.3.8/config/util/makestrs.c:473:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp (buf, feature_str, strlen (feature_str)) == 0)
data/motif-2.3.8/config/util/makestrs.c:475:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp (buf, externref_str, strlen (externref_str)) == 0)
data/motif-2.3.8/config/util/makestrs.c:477:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp (buf, externdef_str, strlen (externdef_str)) == 0)
data/motif-2.3.8/config/util/makestrs.c:479:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp (buf, ctmpl_str, strlen (ctmpl_str)) == 0)
data/motif-2.3.8/config/util/makestrs.c:481:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp (buf, htmpl_str, strlen (htmpl_str)) == 0)
data/motif-2.3.8/config/util/makestrs.c:483:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strncmp (buf, const_str, strlen (const_str)) == 0)
data/motif-2.3.8/config/util/makestrs.c:495:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((phile->name = malloc (strlen (buf + strlen (file_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:495:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((phile->name = malloc (strlen (buf + strlen (file_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:497:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) strcpy (phile->name, buf + strlen (file_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:514:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((table->name = malloc (strlen (buf + strlen (table_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:514:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((table->name = malloc (strlen (buf + strlen (table_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:516:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) strcpy (table->name, buf + strlen (table_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:529:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((prefixstr = malloc (strlen (buf + strlen (prefix_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:529:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((prefixstr = malloc (strlen (buf + strlen (prefix_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:531:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) strcpy (prefixstr, buf + strlen (prefix_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:534:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((featurestr = malloc (strlen (buf + strlen (feature_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:534:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((featurestr = malloc (strlen (buf + strlen (feature_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:536:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) strcpy (featurestr, buf + strlen (feature_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:539:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((externrefstr = malloc (strlen (buf + strlen (externref_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:539:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((externrefstr = malloc (strlen (buf + strlen (externref_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:541:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) strcpy (externrefstr, buf + strlen (externref_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:544:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((externdefstr = malloc (strlen (buf + strlen (externdef_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:544:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((externdefstr = malloc (strlen (buf + strlen (externdef_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:546:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) strcpy (externdefstr, buf + strlen (externdef_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:549:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ctmplstr = malloc (strlen (buf + strlen (ctmpl_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:549:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ctmplstr = malloc (strlen (buf + strlen (ctmpl_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:551:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) strcpy (ctmplstr, buf + strlen (ctmpl_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:554:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((filecurrent->tmpl = fopen (buf + strlen (htmpl_str) + 1, "r")) == NULL) {
data/motif-2.3.8/config/util/makestrs.c:561:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((conststr = malloc (strlen (buf + strlen (const_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:561:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((conststr = malloc (strlen (buf + strlen (const_str)) + 1)) == NULL)
data/motif-2.3.8/config/util/makestrs.c:563:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) strcpy (conststr, buf + strlen (const_str) + 1);
data/motif-2.3.8/config/util/makestrs.c:583:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
llen = len = strlen(buf) + 1;
data/motif-2.3.8/config/util/makestrs.c:584:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rlen = strlen(right) + 1;
data/motif-2.3.8/config/util/makestrs.c:615:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t->offset += strlen (te->right);
data/motif-2.3.8/config/util/makestrs.c:630:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset += strlen (te->right);
data/motif-2.3.8/config/util/makestrs.c:665:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy (ret, tag + 1, len - 1);
data/motif-2.3.8/config/util/makestrs.c:720:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buf[(len = strlen (buf) - 1)] == '\n') buf[len] = '\0';
data/motif-2.3.8/demos/doc/programGuide/ch16/UTMXmText.c:178:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ccs->length = strlen(copy_of_selected_text);
data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drag/simple_drag.c:196:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
passtext = XtMalloc(strlen(ctext)+1);
data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drag/simple_drag.c:197:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(passtext, ctext, strlen(ctext)+1);
data/motif-2.3.8/demos/doc/programGuide/ch17/simple_drag/simple_drag.c:201:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ccs->length = strlen(passtext);
data/motif-2.3.8/demos/lib/Exm/StringTrans.c:929:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*length = strlen(ct); /* Don't include NULL byte */
data/motif-2.3.8/demos/lib/Exm/StringTrans.c:940:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_prop.nitems = strlen(ct); /* Don't include NULL byte */
data/motif-2.3.8/demos/lib/Exm/StringTrans.c:983:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*length = strlen(ct); /* Don't include NULL byte */
data/motif-2.3.8/demos/lib/Exm/wml/wmldbcreate.c:520:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lengths[i] = strlen(table[i]) + 1;
data/motif-2.3.8/demos/lib/Wsm/debug.c:67:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = str + strlen(str);
data/motif-2.3.8/demos/lib/Wsm/debug.c:74:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/demos/lib/Wsm/debug.c:79:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr, "\n");
data/motif-2.3.8/demos/lib/Wsm/debug.c:86:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/demos/lib/Wsm/debug.c:91:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr, "\n");
data/motif-2.3.8/demos/lib/Wsm/debug.c:105:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/demos/lib/Wsm/debug.c:139:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = str + strlen(str);
data/motif-2.3.8/demos/lib/Wsm/debug.c:150:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/demos/lib/Wsm/debug.c:155:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ptr, "\n");
data/motif-2.3.8/demos/lib/Wsm/debug.c:164:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/demos/lib/Wsm/debug.c:178:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr);
data/motif-2.3.8/demos/lib/Wsm/debug.c:222:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(str);
data/motif-2.3.8/demos/lib/Wsm/debug.c:271:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(str);
data/motif-2.3.8/demos/lib/Wsm/debug.c:293:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str, "\n");
data/motif-2.3.8/demos/lib/Wsm/debug.c:317:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(str);
data/motif-2.3.8/demos/lib/Wsm/debug.c:338:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str += strlen(str);
data/motif-2.3.8/demos/lib/Wsm/pack.c:177:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += (strlen(request->extensions.extension_suggestions[i]) +
data/motif-2.3.8/demos/lib/Wsm/pack.c:331:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += (strlen(reply->extensions.extensions[i]) + COUNT_SIZE);
data/motif-2.3.8/demos/lib/Wsm/pack.c:342:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(XrmQuarkToString(attr[i].nameq)) * sizeof(CARD8);
data/motif-2.3.8/demos/lib/Wsm/pack.c:354:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(XrmQuarkToString(attr[i].nameq)) * sizeof(CARD8);
data/motif-2.3.8/demos/lib/Wsm/pack.c:366:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(XrmQuarkToString(attr[i].nameq)) * sizeof(CARD8);
data/motif-2.3.8/demos/lib/Wsm/pack.c:845:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
register int i, len = strlen(str);
data/motif-2.3.8/demos/lib/Xmd/Help.c:825:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(line);
data/motif-2.3.8/demos/lib/Xmd/Help.c:912:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(rendition_name);
data/motif-2.3.8/demos/lib/Xmd/RegEdit.c:1414:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, len = strlen(str);
data/motif-2.3.8/demos/programs/ButtonBox/bboxdemo.c:83:13: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Boolean equal;
data/motif-2.3.8/demos/programs/ButtonBox/bboxdemo.c:91:42: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
XtSetArg(args[argcnt], XmNequalSize, equal); argcnt++;
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:796:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcStr = (wchar_t*)malloc((strlen(str) + 1) * sizeof(wchar_t));
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:797:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
doMbstowcs(wcStr, str, strlen(str) + 1);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:864:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tagBufLen = strlen(XmSTRING_DEFAULT_CHARSET) + 1;
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1192:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpBuf = (char*)malloc(strlen(str) + 1);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1218:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fVal.size = strlen(str) + 1;
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1357:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fromVal.size = strlen(from_string) + 1;
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1675:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1705:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:1726:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
widget = (char *)XtMalloc((strlen(start) + 2) * sizeof(char));
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2404:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(xpmColorKeys[key - 1]) == l)
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2411:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) malloc(strlen(curbuf) + 1);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2423:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(curbuf, " ");/* append space */
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:2431:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
colorTable[a][curkey] = (char *) malloc(strlen(curbuf) + 1);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:3366:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*cmt, mdata->Comment, mdata->CommentLength);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:3414:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:3429:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:3450:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/ColorSel/util-c.c:3456:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:796:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcStr = (wchar_t*)malloc((strlen(str) + 1) * sizeof(wchar_t));
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:797:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
doMbstowcs(wcStr, str, strlen(str) + 1);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:864:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tagBufLen = strlen(XmSTRING_DEFAULT_CHARSET) + 1;
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1192:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpBuf = (char*)malloc(strlen(str) + 1);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1218:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fVal.size = strlen(str) + 1;
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1357:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fromVal.size = strlen(from_string) + 1;
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1675:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1705:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:1726:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
widget = (char *)XtMalloc((strlen(start) + 2) * sizeof(char));
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2404:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(xpmColorKeys[key - 1]) == l)
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2411:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) malloc(strlen(curbuf) + 1);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2423:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(curbuf, " ");/* append space */
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:2431:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
colorTable[a][curkey] = (char *) malloc(strlen(curbuf) + 1);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:3366:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*cmt, mdata->Comment, mdata->CommentLength);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:3414:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:3429:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:3450:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/Ext18List/util-c.c:3456:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/IconB/misc.c:766:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcStr = (wchar_t*)XtMalloc((strlen(str) + 1) * sizeof(wchar_t));
data/motif-2.3.8/demos/programs/IconB/misc.c:767:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
doMbstowcs(wcStr, str, strlen(str) + 1);
data/motif-2.3.8/demos/programs/IconB/misc.c:834:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tagBufLen = strlen(XmSTRING_DEFAULT_CHARSET) + 1;
data/motif-2.3.8/demos/programs/IconB/misc.c:1162:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpBuf = (char*)XtMalloc(strlen(str) + 1);
data/motif-2.3.8/demos/programs/IconB/misc.c:1188:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fVal.size = strlen(str) + 1;
data/motif-2.3.8/demos/programs/IconB/misc.c:1329:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fromVal.size = strlen(from_string) + 1;
data/motif-2.3.8/demos/programs/IconB/misc.c:1647:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/IconB/misc.c:1677:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/IconB/misc.c:1698:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
widget = (char *)XtMalloc((strlen(start) + 2) * sizeof(char));
data/motif-2.3.8/demos/programs/IconB/misc.c:2376:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(xpmColorKeys[key - 1]) == l)
data/motif-2.3.8/demos/programs/IconB/misc.c:2383:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) malloc(strlen(curbuf) + 1);
data/motif-2.3.8/demos/programs/IconB/misc.c:2395:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(curbuf, " ");/* append space */
data/motif-2.3.8/demos/programs/IconB/misc.c:2403:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
colorTable[a][curkey] = (char *) malloc(strlen(curbuf) + 1);
data/motif-2.3.8/demos/programs/IconB/misc.c:3338:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*cmt, mdata->Comment, mdata->CommentLength);
data/motif-2.3.8/demos/programs/IconB/misc.c:3386:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/IconB/misc.c:3401:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/IconB/misc.c:3422:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/IconB/misc.c:3428:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:807:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcStr = (wchar_t*)XtMalloc((strlen(str) + 1) * sizeof(wchar_t));
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:808:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
doMbstowcs(wcStr, str, strlen(str) + 1);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:877:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tagBufLen = strlen(XmSTRING_DEFAULT_CHARSET) + 1;
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:1205:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpBuf = (char*)XtMalloc(strlen(str) + 1);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:1231:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fVal.size = strlen(str) + 1;
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:1372:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fromVal.size = strlen(from_string) + 1;
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:1697:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:1727:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:1748:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
widget = (char *)XtMalloc((strlen(start) + 2) * sizeof(char));
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2406:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(BxXpmColorKeys[key - 1]) == l)
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2413:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) malloc(strlen(curbuf) + 1);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2425:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(curbuf, " ");/* append space */
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:2433:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
colorTable[a][curkey] = (char *) malloc(strlen(curbuf) + 1);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3368:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*cmt, mdata->Comment, mdata->CommentLength);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3416:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3431:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3452:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/TabStack/bxutils.c:3458:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/TabStack/callbacks.c:154:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = name + strlen(name) - 1;
data/motif-2.3.8/demos/programs/TabStack/callbacks.c:202:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = rsc + strlen(rsc) - 1;
data/motif-2.3.8/demos/programs/TabStack/callbacks.c:238:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/TabStack/callbacks.c:272:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(start)+1, NULL);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:796:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcStr = (wchar_t*)malloc((strlen(str) + 1) * sizeof(wchar_t));
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:797:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
doMbstowcs(wcStr, str, strlen(str) + 1);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:864:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tagBufLen = strlen(XmSTRING_DEFAULT_CHARSET) + 1;
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1192:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpBuf = (char*)malloc(strlen(str) + 1);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1218:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fVal.size = strlen(str) + 1;
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1357:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fromVal.size = strlen(from_string) + 1;
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1675:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1705:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr = start + strlen(start) - 1;
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:1726:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
widget = (char *)XtMalloc((strlen(start) + 2) * sizeof(char));
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2404:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(xpmColorKeys[key - 1]) == l)
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2411:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(char *) malloc(strlen(curbuf) + 1);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2423:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(curbuf, " ");/* append space */
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:2431:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
colorTable[a][curkey] = (char *) malloc(strlen(curbuf) + 1);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:3366:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*cmt, mdata->Comment, mdata->CommentLength);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:3414:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:3429:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:3450:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/Tree/bxutil-c.c:3456:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(mdata->stream.file);
data/motif-2.3.8/demos/programs/drag_and_drop/DNDDraw.c:146:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
from.size = strlen(colorstr) +1;
data/motif-2.3.8/demos/programs/drag_and_drop/simpledrop.c:114:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(strcpy(tmp, s1), s2, 256);
data/motif-2.3.8/demos/programs/draw/draw.c:646:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (app_data->lines[pstr - wstr + strlen(pstr)] == '.')
data/motif-2.3.8/demos/programs/draw/draw.c:651:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(app_data->lines)) graph->num_graphics ++ ;
data/motif-2.3.8/demos/programs/filemanager/convert.c:83:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pathlen = strlen(path) + 1;
data/motif-2.3.8/demos/programs/filemanager/convert.c:87:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(rval, path, pathlen);
data/motif-2.3.8/demos/programs/filemanager/convert.c:104:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cs -> length = strlen(path);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:119:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(dir);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:131:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(dir, "/");
data/motif-2.3.8/demos/programs/filemanager/readdir.c:136:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
if (dir[0] == 0) strcpy(dir, "/");
data/motif-2.3.8/demos/programs/filemanager/readdir.c:182:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(buf, "");
data/motif-2.3.8/demos/programs/filemanager/readdir.c:184:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "/"); /* Unix dependent */
data/motif-2.3.8/demos/programs/filemanager/readdir.c:406:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "/");
data/motif-2.3.8/demos/programs/filemanager/readdir.c:434:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i = strlen(filename);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:454:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(str);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:455:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msk, str, len - 4);
data/motif-2.3.8/demos/programs/filemanager/readdir.c:590:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(paths[i], currentdir, span);
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:250:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmplen = strlen(tmp) ;
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:292:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (buff_line, resource_list[i].resource_name,
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:293:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(resource_list[i].resource_name)) ;
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:301:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff_line[strlen(resource_list[i-1].resource_name)] = '\0' ;
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:317:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (buff_line, resource_list[i].resource_name,
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:318:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(resource_list[i].resource_name)) ;
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:326:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff_line[strlen(resource_list[i-1].resource_name)] = '\0' ;
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:347:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (buff_line,
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:349:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(
data/motif-2.3.8/demos/programs/getsubres/getsubres.c:359:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff_line[strlen(
data/motif-2.3.8/demos/programs/i18ninput/i18ninput.c:87:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(name, base(argv[0]), 132);
data/motif-2.3.8/demos/programs/i18ninput/input.c:742:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = (char *)XtMalloc(strlen(app_resources.locale_string) + strlen(locale) +
data/motif-2.3.8/demos/programs/i18ninput/input.c:742:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = (char *)XtMalloc(strlen(app_resources.locale_string) + strlen(locale) +
data/motif-2.3.8/demos/programs/i18ninput/input.c:743:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(app_resources.preedit_string) +
data/motif-2.3.8/demos/programs/i18ninput/input.c:744:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(preedit_style) +
data/motif-2.3.8/demos/programs/i18ninput/input.c:745:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(app_resources.status_string) +
data/motif-2.3.8/demos/programs/i18ninput/input.c:746:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(status_style) +
data/motif-2.3.8/demos/programs/i18ninput/input.c:747:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(app_resources.im_info_string) + 100);
data/motif-2.3.8/demos/programs/periodic/periodic.c:279:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(name) > 4) &&
data/motif-2.3.8/demos/programs/periodic/periodic.c:280:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcmp(name + strlen(name) - 4, "Pick") == 0)
data/motif-2.3.8/demos/programs/periodic/periodic.c:286:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(buf + strlen(buf) - 4, "Dialog");
data/motif-2.3.8/demos/programs/sampler2_0/sampler2_0.c:276:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(nb_data->pages[nbcs->page_number - 1].page_name)+1,
data/motif-2.3.8/demos/programs/todo/actions.c:159:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(temp) > 0)
data/motif-2.3.8/demos/programs/todo/actions.c:172:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(temp) > 0)
data/motif-2.3.8/demos/programs/todo/actions.c:418:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(str);
data/motif-2.3.8/demos/programs/todo/actions.c:433:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new, &str[first], last - first);
data/motif-2.3.8/demos/programs/todo/io.c:166:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) > 3) {
data/motif-2.3.8/demos/programs/todo/io.c:167:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line) - 1] = 0; /* Remove newline */
data/motif-2.3.8/demos/programs/todo/io.c:174:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line) - 1] = 0; /* Remove newline */
data/motif-2.3.8/demos/programs/todo/io.c:175:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) > 3) {
data/motif-2.3.8/demos/programs/todo/io.c:194:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
line[strlen(line) - 1] = 0; /* Remove newline */
data/motif-2.3.8/demos/programs/todo/io.c:195:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) > 3) {
data/motif-2.3.8/demos/programs/todo/io.c:222:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
current += strlen(&line[1]);
data/motif-2.3.8/demos/programs/todo/io.c:279:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(oldfilename, "~");
data/motif-2.3.8/demos/programs/workspace/command_ui.c:398:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += sizeof(CARD16) + (strlen(cmdName) * sizeof(CARD8)); /* name */
data/motif-2.3.8/demos/programs/workspace/command_ui.c:399:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += sizeof(CARD16) + (strlen(cmdDefault) * sizeof(CARD8)); /* defalault label */
data/motif-2.3.8/demos/programs/workspace/command_ui.c:450:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += sizeof(CARD16) + (strlen(new_name) * sizeof(CARD8));
data/motif-2.3.8/demos/programs/workspace/wsm.c:356:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*name = XtMalloc(sizeof(char)*(strlen(home_name)+ 1
data/motif-2.3.8/demos/programs/workspace/wsm.c:357:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(app_data.file_name)+ 2));
data/motif-2.3.8/demos/programs/workspace/wsm.c:359:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(*name, "/");
data/motif-2.3.8/demos/programs/workspace/wsm.c:364:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*name = XtMalloc(sizeof(char) *(strlen(app_data.file_name) +1));
data/motif-2.3.8/demos/programs/workspace/wsm.c:370:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*name = XtMalloc(sizeof(char) *(strlen(home_name) + 9));
data/motif-2.3.8/demos/programs/workspace/wsm.c:389:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = (char*) XtMalloc((strlen(app_data.workspace_list[i]) +1)
data/motif-2.3.8/demos/programs/workspace/wsm.c:401:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = (char*) XtMalloc((strlen(str_table[i]) +1) * sizeof(char));
data/motif-2.3.8/demos/programs/workspace/wsmData.c:84:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_size = strlen(s->name) + 2;
data/motif-2.3.8/demos/programs/workspace/wsmData.c:92:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s_list,",");
data/motif-2.3.8/demos/programs/workspace/wsmData.c:100:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_size = strlen(s->background) + 2;
data/motif-2.3.8/demos/programs/workspace/wsmData.c:108:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(b_list,",");
data/motif-2.3.8/demos/programs/workspace/wsmData.c:116:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
curr_size = strlen(s->pixmap_name) + 2;
data/motif-2.3.8/demos/programs/workspace/wsmData.c:124:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(p_list,",");
data/motif-2.3.8/demos/programs/workspace/wsmData.c:127:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_size = strlen(current_space->name) +1;
data/motif-2.3.8/demos/programs/workspace/wsmData.c:599:50: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if (i < win_data->data_len -1) strcat(str,",");
data/motif-2.3.8/demos/programs/workspace/wsmData.c:602:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
values[num_values].size = strlen(str)+1;
data/motif-2.3.8/demos/programs/workspace/wsmData.c:611:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
values[num_values].size = strlen(str) +1;
data/motif-2.3.8/demos/programs/workspace/wsmData.c:705:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(str,start,len);
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1284:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = &s[strlen(s)-1]; /* point to last char */
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1296:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int length = strlen(s);
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1317:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = (char*) XtMalloc((strlen("Global") +1) * sizeof(char));
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1330:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = (char*)XtRealloc(str,(strlen(str)+2 )* sizeof(char));
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1331:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str,"I");
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1339:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "");
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1373:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = (char*) XtRealloc((char*)str,(strlen(str)+2) * sizeof(char));
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1374:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str,"I");
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1448:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = (char*) XtRealloc((char*)str,(strlen(str)+2) * sizeof(char));
data/motif-2.3.8/demos/programs/workspace/wsmStruct.c:1449:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(str,"I");
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:313:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = (char*) XtMalloc((strlen(w_list->work_win->name) + 15) * sizeof(char));
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:765:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
old_name = (char*) XtMalloc(strlen((space->name) +1)*sizeof(char));
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:768:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) < MAX_LENGTH)
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:1051:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_length = strlen(home_name) + 1 + strlen(new_file_name) + 2;
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:1051:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_length = strlen(home_name) + 1 + strlen(new_file_name) + 2;
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:1054:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(file_name, "/");
data/motif-2.3.8/demos/programs/workspace/wsm_cb.c:1059:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_length = strlen(new_file_name) + 1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:568:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(space_list) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:584:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(b_list) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:601:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(p_list) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:611:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(c_space) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:712:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(rooms_str) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:713:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rooms_str = (char*) XtRealloc(rooms_str,(size + strlen(str) + 3)*sizeof(char));
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:715:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rooms_str,",");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:719:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(rooms_str) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:720:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rooms_str = (char*) XtRealloc(rooms_str,(size + strlen(new_str)+2) * sizeof(char));
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:723:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(rooms_str) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:745:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(linked_string) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:766:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(all_workspace_string) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:889:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(str)+1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:952:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(rooms_str) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:953:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rooms_str = (char*) XtRealloc(rooms_str,(size + strlen(r_str) + 3) * sizeof(char));
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:955:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(rooms_str,",");
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:963:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (in_dbase && room_found && strlen(rooms_str) > 0)
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:965:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(rooms_str);
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:979:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(rooms_str) +1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1059:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(str)+1;
data/motif-2.3.8/demos/programs/workspace/xrmLib.c:1169:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value.size = strlen(str)+1;
data/motif-2.3.8/demos/unsupported/aicon/aicon.c:157:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir_len = strlen(dir) ;
data/motif-2.3.8/demos/unsupported/aicon/aicon.c:211:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
icon_fullname, strlen(icon_fullname)+1, NULL);
data/motif-2.3.8/demos/unsupported/dainput/dainput.c:72:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(name, base(argv[0]), 132);
data/motif-2.3.8/demos/unsupported/dainput/dainput.c:77:14: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(name, *++temp_argv, 132);
data/motif-2.3.8/demos/unsupported/dainput/dainput_dlg.c:287:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(&(text_data->text[text_data->text_length]),
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:235:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(np, cp, span);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:271:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(filename);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:279:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp += strlen(prefix);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:280:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(prefix, filename, len);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:308:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(pathname, "/");
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:315:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
catlen = strlen(defaultcap);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:316:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
datahome = (char *) malloc(catlen + strlen(fileptr) + 2);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:317:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(datahome, defaultcap, catlen);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:348:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read (fd, retbuff, flen) <= 0)
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:593:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
findCmd = (char *) XtMalloc(strlen(systemCommand) + sizeof(CMD) + 1);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:605:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str[strlen(str)-1] = '\0';
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:610:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *uidpath = XtMalloc(8 + strlen(str) + 4 + 1);
data/motif-2.3.8/demos/unsupported/motifshell/motifshell.c:614:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *uidpath = XtMalloc(strlen(str) + 4 + 1);
data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c:68:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(file_name) && file_name[strlen(file_name)-1] == '\n')
data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c:68:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(file_name) && file_name[strlen(file_name)-1] == '\n')
data/motif-2.3.8/demos/unsupported/uilsymdump/uilsymdump.c:69:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file_name[strlen(file_name)-1] = '\0';
data/motif-2.3.8/demos/unsupported/xmapdef/xmapdef.c:515:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filedata->lines[i], strlen(filedata->lines[i]));
data/motif-2.3.8/demos/unsupported/xmfonts/xmfonts.c:255:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) > AppData.maxlen) continue ;
data/motif-2.3.8/demos/unsupported/xmform/xmform.c:80:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_word = strlen(word);
data/motif-2.3.8/lib/Mrm/MrmIfile.c:138:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen (name);
data/motif-2.3.8/lib/Mrm/MrmIfile.c:328:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
number_read = read (file_id->file_desc, buffer, IDBRecordSize);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:212:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *buf = XtMalloc(strlen(idb__database_version) + 1);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:300:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy ( hdrptr->db_version, "" );
data/motif-2.3.8/lib/Mrm/MrmIheader.c:301:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (hdrptr->db_version, idb__database_version, IDBhsVersion);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:302:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy ( hdrptr->creator, "" );
data/motif-2.3.8/lib/Mrm/MrmIheader.c:303:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (hdrptr->creator, creator, IDBhsCreator);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:304:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy ( hdrptr->creator_version, "" );
data/motif-2.3.8/lib/Mrm/MrmIheader.c:305:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (hdrptr->creator_version, creator_version, IDBhsVersion);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:307:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy ( hdrptr->module, "" );
data/motif-2.3.8/lib/Mrm/MrmIheader.c:308:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (hdrptr->module, module, IDBhsModule);
data/motif-2.3.8/lib/Mrm/MrmIheader.c:309:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy ( hdrptr->module_version, "" );
data/motif-2.3.8/lib/Mrm/MrmIheader.c:310:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (hdrptr->module_version, module_version, IDBhsVersion);
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:277:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ndxsiz = MIN(strlen(index),IDBMaxIndexLength) + 1 ;
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:309:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (ndxstg, "") ;
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:310:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (ndxstg, index, IDBMaxIndexLength) ;
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:410:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ndxsiz = MIN(strlen(index),IDBMaxIndexLength) + 1 ;
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:448:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (ndxstg, "") ;
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:449:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (ndxstg, index, IDBMaxIndexLength) ;
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:1229:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stgsiz = strlen(cur_heap) + 1 ;
data/motif-2.3.8/lib/Mrm/MrmIindexw.c:1337:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
stgsiz = strlen(cur_heap) + 1 ;
data/motif-2.3.8/lib/Mrm/Mrmerror.c:208:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
urm__latest_error_msg = (String) XtMalloc (strlen(msg)+1) ;
data/motif-2.3.8/lib/Mrm/Mrmhier.c:724:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strcmp (&name[strlen(name)-4],".uid") != 0 )
data/motif-2.3.8/lib/Mrm/Mrmmodule.c:182:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (ifmodptr->topmost[ndx].index, "") ;
data/motif-2.3.8/lib/Mrm/Mrmmodule.c:259:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat (ifmodptr->topmost[topmost_ndx].index, index, URMMaxIndexLen) ;
data/motif-2.3.8/lib/Mrm/Mrmptrlist.c:337:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newstg = XtMalloc (strlen(stg)+1) ;
data/motif-2.3.8/lib/Mrm/Mrmvm.c:105:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_stg = (String) XtMalloc (strlen(stg)+1) ;
data/motif-2.3.8/lib/Mrm/Mrmwci.c:193:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(create_name) + 1);
data/motif-2.3.8/lib/Mrm/Mrmwci.c:555:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l_length = strlen (c_text);
data/motif-2.3.8/lib/Mrm/Mrmwci.c:655:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l_length = strlen (c_text);
data/motif-2.3.8/lib/Mrm/Mrmwci.c:749:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l_length = strlen (c_text);
data/motif-2.3.8/lib/Mrm/Mrmwci.c:870:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)al_value, c_value, l_length);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:877:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c_name_tmp = (String)ALLOCATE_LOCAL((strlen(c_name) + 2) * sizeof(char));
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2203:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fontstg, strlen(fontstg) + 1);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2289:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(fontstg) + 1);
data/motif-2.3.8/lib/Mrm/Mrmwcrw.c:2691:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char8_dst = (String) XtMalloc (strlen(char8_src)+1) ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:265:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(class) <= 0 )
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:1239:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(routine) <= 0 )
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:1411:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(routine) <= 0 )
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:1681:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(index) <= 0 )
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:1752:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(comment) <= 0 )
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:1928:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen (stg) + 1 ;
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:2200:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(index) <= 0 )
data/motif-2.3.8/lib/Mrm/Mrmwcrwr.c:2203:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
descsiz = sizeof(RGMResourceDesc) + strlen(index) ;
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:165:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name_bytes = strlen(w_name);
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:322:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
svdesc->tagname = (String) XtMalloc (strlen(argname)+1);
data/motif-2.3.8/lib/Mrm/Mrmwrefs.c:408:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
svdesc->tagname = (String) XtMalloc (strlen(argname)+1);
data/motif-2.3.8/lib/Mrm/Mrmwvalues.c:168:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
indexlen = MAX (indexlen, strlen((char*)args[ndx].value)) ;
data/motif-2.3.8/lib/Xm/ClipWindow.c:309:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp += strlen(tmp);
data/motif-2.3.8/lib/Xm/Color.c:283:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fromVal.size = strlen(default_string);
data/motif-2.3.8/lib/Xm/ColorObj.c:660:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += strlen(tmp);
data/motif-2.3.8/lib/Xm/ColorObj.c:670:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += strlen(tmp);
data/motif-2.3.8/lib/Xm/ColorS.c:1299:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(color_name);
data/motif-2.3.8/lib/Xm/Column.c:777:22: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
Boolean equal;
data/motif-2.3.8/lib/Xm/Column.c:899:9: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if( equal )
data/motif-2.3.8/lib/Xm/Column.c:1129:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( strlen(XtName(new_w)) > 240 )
data/motif-2.3.8/lib/Xm/Column.c:1131:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, XtName(new_w), 240);
data/motif-2.3.8/lib/Xm/Container.c:5295:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen((char*) value);
data/motif-2.3.8/lib/Xm/Container.c:5305:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen((char*) value);
data/motif-2.3.8/lib/Xm/CutPaste.c:1171:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(match);
data/motif-2.3.8/lib/Xm/CutPaste.c:1181:11: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (equal) /* Bogus type left by old Clipboard */
data/motif-2.3.8/lib/Xm/CutPaste.c:1363:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
item = XtMalloc( strlen( format_name ) + strlen( atomname_format ) + 1 );
data/motif-2.3.8/lib/Xm/CutPaste.c:1363:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
item = XtMalloc( strlen( format_name ) + strlen( atomname_format ) + 1 );
data/motif-2.3.8/lib/Xm/CutPaste.c:3169:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
formatptr->formatNameLength = strlen( format );
data/motif-2.3.8/lib/Xm/CutPaste.c:4126:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = strlen(str);
data/motif-2.3.8/lib/Xm/CutPaste.c:4253:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
loc_outlength = strlen( ptr );
data/motif-2.3.8/lib/Xm/CutPaste.c:4261:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( (char *) buffer, ptr, (unsigned) loc_outlength );
data/motif-2.3.8/lib/Xm/CutPaste.c:4492:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( format_name == 0 || strlen( format_name ) == 0 )
data/motif-2.3.8/lib/Xm/DataF.c:1562:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newptr = XtMalloc((cbs->text->length + strlen(curr) + 2) *
data/motif-2.3.8/lib/Xm/DataF.c:1591:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(i=0; i<strlen(newptr); i++) {
data/motif-2.3.8/lib/Xm/DataF.c:1620:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cbs->text->length = strlen(changed);
data/motif-2.3.8/lib/Xm/DataF.c:2843:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(seg, (char *)(XmTextF_value(tf) + seg_start),
data/motif-2.3.8/lib/Xm/DataF.c:5107:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
insert_length = strlen(insert_string);
data/motif-2.3.8/lib/Xm/DataF.c:7321:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc_size += strlen(tmp_value[i]);
data/motif-2.3.8/lib/Xm/DataF.c:7331:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(total_tmp_value),
data/motif-2.3.8/lib/Xm/DataF.c:7340:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc_size += strlen(tmp_value[i]) * sizeof(wchar_t);
data/motif-2.3.8/lib/Xm/DataF.c:8624:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
event_bindings = (char *)XtMalloc((unsigned) (strlen(EventBindings1) +
data/motif-2.3.8/lib/Xm/DataF.c:8625:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EventBindings2) +
data/motif-2.3.8/lib/Xm/DataF.c:8626:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EventBindings3) + strlen("\n") +
data/motif-2.3.8/lib/Xm/DataF.c:8626:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EventBindings3) + strlen("\n") +
data/motif-2.3.8/lib/Xm/DataF.c:8627:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EventBindings4) + 1));
data/motif-2.3.8/lib/Xm/DataF.c:8630:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(event_bindings, "\n");
data/motif-2.3.8/lib/Xm/DataF.c:8863:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_len = strlen(value);
data/motif-2.3.8/lib/Xm/DataF.c:8905:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XmTextF_string_length(tf) = strlen(start_temp);
data/motif-2.3.8/lib/Xm/DataF.c:8914:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_len = strlen(start_temp);
data/motif-2.3.8/lib/Xm/DataF.c:9757:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc_size += strlen(tmp_value[i]);
data/motif-2.3.8/lib/Xm/DataF.c:9763:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_length = strlen(total_tmp_value);
data/motif-2.3.8/lib/Xm/DataF.c:11330:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(value);
data/motif-2.3.8/lib/Xm/DataF.c:11501:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(value);
data/motif-2.3.8/lib/Xm/DataF.c:11506:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(1 + strlen(value)));
data/motif-2.3.8/lib/Xm/DataF.c:11507:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = mbstowcs(wc_value, value, (unsigned) (strlen(value) + 1));
data/motif-2.3.8/lib/Xm/DataF.c:12392:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc_size += strlen(tmp_value[i]);
data/motif-2.3.8/lib/Xm/DataF.c:12403:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(total_tmp_value), True);
data/motif-2.3.8/lib/Xm/DataF.c:12412:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc_size += strlen(tmp_value[i]);
data/motif-2.3.8/lib/Xm/DataFSel.c:188:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc_size += strlen(tmp_value[i]);
data/motif-2.3.8/lib/Xm/DialogS.c:828:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ds_name = XtMalloc( (strlen(name)+XmDIALOG_SUFFIX_SIZE+1) * sizeof(char) ) ;
data/motif-2.3.8/lib/Xm/DropDown.c:369:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return((size_t) strlen((char*) wcs));
data/motif-2.3.8/lib/Xm/DropDown.c:396:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
return(strncpy(s1,s2,len));
data/motif-2.3.8/lib/Xm/DropDown.c:2358:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
from.size = sizeof(char) * (strlen(ptr) + 1);
data/motif-2.3.8/lib/Xm/EditresCom.c:892:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(info->event->name) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:892:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(info->event->name) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:892:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(info->event->name) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:904:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:906:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(params[0]);
data/motif-2.3.8/lib/Xm/EditresCom.c:925:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(msg3) + 1 +
data/motif-2.3.8/lib/Xm/EditresCom.c:925:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(msg3) + 1 +
data/motif-2.3.8/lib/Xm/EditresCom.c:925:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(msg3) + 1 +
data/motif-2.3.8/lib/Xm/EditresCom.c:926:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(info->event->value) + strlen(info->event->name);
data/motif-2.3.8/lib/Xm/EditresCom.c:926:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(info->event->value) + strlen(info->event->name);
data/motif-2.3.8/lib/Xm/EditresCom.c:931:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(info->event->name) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:931:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(info->event->name) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:931:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(info->event->name) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:956:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(msg3) + strlen(msg4) +
data/motif-2.3.8/lib/Xm/EditresCom.c:956:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(msg3) + strlen(msg4) +
data/motif-2.3.8/lib/Xm/EditresCom.c:956:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(msg3) + strlen(msg4) +
data/motif-2.3.8/lib/Xm/EditresCom.c:956:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(msg1) + strlen(msg2) + strlen(msg3) + strlen(msg4) +
data/motif-2.3.8/lib/Xm/EditresCom.c:957:3: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(name) + strlen(type) + strlen(class) + strlen(msg) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:957:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(name) + strlen(type) + strlen(class) + strlen(msg) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:957:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(name) + strlen(type) + strlen(class) + strlen(msg) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:957:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(name) + strlen(type) + strlen(class) + strlen(msg) + 1;
data/motif-2.3.8/lib/Xm/EditresCom.c:1661:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&buffer[strlen(buffer)], " (%s)", res->resource_type);
data/motif-2.3.8/lib/Xm/EditresCom.c:1793:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int i, len = strlen(str);
data/motif-2.3.8/lib/Xm/FileSB.c:1852:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirLen = strlen( dir) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2016:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qDirLen = strlen( qualifiedDir) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2017:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
qualifiedMask = XtMalloc( 1 + qDirLen + strlen( qualifiedPattern)) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2047:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned dirLen = strlen( dirStr) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2049:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
valueString = XtMalloc( dirLen + strlen( fileStr) + 1) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2152:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( dirString) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2153:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maskString = XtMalloc( len + strlen( patternString) + 1) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2315:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirLen = strlen( qualifiedDir) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2438:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen( dirString) ;
data/motif-2.3.8/lib/Xm/FileSB.c:2440:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen( patternString) + 1) ;
data/motif-2.3.8/lib/Xm/FileSB.c:3138:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirLen = strlen( dir) ;
data/motif-2.3.8/lib/Xm/FileSB.c:3142:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maskLen = strlen( mask) ;
data/motif-2.3.8/lib/Xm/I18List.c:3738:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen((char*) value);
data/motif-2.3.8/lib/Xm/I18List.c:3794:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen((char*) value);
data/motif-2.3.8/lib/Xm/IconButton.c:1953:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fromVal.size = strlen(str) + 1; /* space for NULL. */
data/motif-2.3.8/lib/Xm/IconFile.c:199:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufLen = strlen(currDirect->d_name);
data/motif-2.3.8/lib/Xm/IconFile.c:228:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = p + strlen(p) + 1) {
data/motif-2.3.8/lib/Xm/IconFile.c:231:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nameHeapSize += strlen(p);
data/motif-2.3.8/lib/Xm/IconFile.c:242:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
validDir->dirNameLen = strlen(dirName);
data/motif-2.3.8/lib/Xm/IconFile.c:254:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i++, p = p + strlen(p) + 1) {
data/motif-2.3.8/lib/Xm/IconFile.c:257:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
validDir->nameOffsets[i] + strlen(p);
data/motif-2.3.8/lib/Xm/IconFile.c:258:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(&(nameHeap[validDir->nameOffsets[i]]), p, strlen(p));
data/motif-2.3.8/lib/Xm/IconFile.c:270:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cachedDir->common.dirNameLen = strlen(dirName);
data/motif-2.3.8/lib/Xm/IconFile.c:298:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirNameLen = strlen(path);
data/motif-2.3.8/lib/Xm/IconFile.c:352:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileNameLen = strlen(path);
data/motif-2.3.8/lib/Xm/IconFile.c:357:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileNameLen = strlen(path) - dirNameLen - 1;
data/motif-2.3.8/lib/Xm/IconFile.c:395:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
dirName = strncpy(XtMalloc(dirNameLen+1), path, dirNameLen);
data/motif-2.3.8/lib/Xm/IconFile.c:538:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(data->key_name);
data/motif-2.3.8/lib/Xm/IconFile.c:671:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int basenameLen = strlen(names[i]);
data/motif-2.3.8/lib/Xm/IconFile.c:672:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int sizeLen = strlen(iconSubs[M_SUB].substitution);
data/motif-2.3.8/lib/Xm/IconFile.c:707:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirLen = strlen(iNameEntry->dirName);
data/motif-2.3.8/lib/Xm/IconFile.c:708:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
leafLen = strlen(iNameEntry->leafName);
data/motif-2.3.8/lib/Xm/IconFile.c:808:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dirName, fileName, dirNameLen);
data/motif-2.3.8/lib/Xm/ImageCache.c:218:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int len = strlen(data);
data/motif-2.3.8/lib/Xm/Label.c:2452:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen (lw->label.mnemonicCharset);
data/motif-2.3.8/lib/Xm/Label.c:2815:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen((char*) value);
data/motif-2.3.8/lib/Xm/Label.c:2871:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen((char*) value);
data/motif-2.3.8/lib/Xm/Label.c:3011:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*length = str ? strlen(str) : 0;
data/motif-2.3.8/lib/Xm/Label.c:3013:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*length = str ? strlen(rval) : 0;
data/motif-2.3.8/lib/Xm/LabelG.c:3391:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen (LabG_MnemonicCharset (lw));
data/motif-2.3.8/lib/Xm/List.c:940:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ALLOCATE_LOCAL(strlen(ListXlations1) + strlen(ListXlations2) + 1);
data/motif-2.3.8/lib/Xm/List.c:940:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ALLOCATE_LOCAL(strlen(ListXlations1) + strlen(ListXlations2) + 1);
data/motif-2.3.8/lib/Xm/List.c:7726:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen((char*) value);
data/motif-2.3.8/lib/Xm/List.c:7781:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen((char*) value);
data/motif-2.3.8/lib/Xm/MapEvents.c:473:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(keySymName, start, str-start);
data/motif-2.3.8/lib/Xm/MapEvents.c:545:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(modStr, start, str-start);
data/motif-2.3.8/lib/Xm/MapEvents.c:574:16: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(modStr, start, str-start);
data/motif-2.3.8/lib/Xm/MapEvents.c:631:12: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void) strncpy(eventTypeStr, start, str-start);
data/motif-2.3.8/lib/Xm/Obso1_2.c:1577:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirLen = strlen( dir) ;
data/motif-2.3.8/lib/Xm/Obso1_2.c:1581:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maskLen = strlen( mask) ;
data/motif-2.3.8/lib/Xm/Obso1_2.c:1826:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(charset) == 5)
data/motif-2.3.8/lib/Xm/Obso1_2.c:1847:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(XmSTRING_ISO8859_1);
data/motif-2.3.8/lib/Xm/Obso1_2.c:1850:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_s, XmSTRING_ISO8859_1, len);
data/motif-2.3.8/lib/Xm/Obso1_2.c:1865:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(charset);
data/motif-2.3.8/lib/Xm/Obso1_2.c:1868:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_s, charset, len);
data/motif-2.3.8/lib/Xm/Obso1_2.c:2004:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data = (String)XtMalloc(strlen(RC_MenuAccelerator(rc)) + 1);
data/motif-2.3.8/lib/Xm/Obso2_0.c:249:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp += strlen(tmp);
data/motif-2.3.8/lib/Xm/Obso2_0.c:454:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XtMalloc(strlen(new_color_spec) + 1);
data/motif-2.3.8/lib/Xm/Obso2_0.c:1046:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fromVal.size = strlen(default_string);
data/motif-2.3.8/lib/Xm/PrintS.c:760:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void) read(cb->pipe, &status, sizeof(XPGetDocStatus));
data/motif-2.3.8/lib/Xm/RCMenu.c:1514:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (accelerator && (strlen(accelerator) > 0))
data/motif-2.3.8/lib/Xm/RCMenu.c:1533:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (RC_MenuAccelerator(m) && (strlen(RC_MenuAccelerator(m)) > 0))
data/motif-2.3.8/lib/Xm/RepType.c:1185:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TmpStr[Index] = XtMalloc(PrefixSize + strlen(StrArray[Index]) + 1);
data/motif-2.3.8/lib/Xm/RepType.c:1682:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
in_str = (char *) XtMalloc (strlen(reverse_message) + 10) ;
data/motif-2.3.8/lib/Xm/ResConvert.c:1261:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*cs = XtMalloc(strlen(*s) + 1);
data/motif-2.3.8/lib/Xm/ResConvert.c:1289:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp, *s, csize);
data/motif-2.3.8/lib/Xm/ResConvert.c:1455:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( table[i], top, len) ;
data/motif-2.3.8/lib/Xm/ResConvert.c:2009:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strDataSize += strlen(cs_str) + 1;
data/motif-2.3.8/lib/Xm/ResConvert.c:2027:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dataPtr += strlen(cs_str) + 1;
data/motif-2.3.8/lib/Xm/ResConvert.c:2616:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (tmp == NULL) *s += strlen(*s);
data/motif-2.3.8/lib/Xm/ResEncod.c:599:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_size += strlen(EncodingRegistryTag(current)) +
data/motif-2.3.8/lib/Xm/ResEncod.c:600:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EncodingRegistryEncoding(current)) + 2;
data/motif-2.3.8/lib/Xm/ResEncod.c:613:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count = strlen(EncodingRegistryTag(current));
data/motif-2.3.8/lib/Xm/ResEncod.c:618:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count = strlen(EncodingRegistryEncoding(current));
data/motif-2.3.8/lib/Xm/ResEncod.c:1029:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(charset_copy, (char *) esptr, len);
data/motif-2.3.8/lib/Xm/ResEncod.c:1435:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(strings[0]),
data/motif-2.3.8/lib/Xm/ResEncod.c:1781:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(charset_copy, (char *) esptr, len);
data/motif-2.3.8/lib/Xm/ResEncod.c:2451:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctlen = strlen((char *)ctext);
data/motif-2.3.8/lib/Xm/ResEncod.c:2487:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctlen = strlen((char *)prop_rtn.value);
data/motif-2.3.8/lib/Xm/ResEncod.c:2512:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctlen = strlen((char *)ctext);
data/motif-2.3.8/lib/Xm/ResEncod.c:2518:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*outc = ctextConcat(*outc, *outlen, (const_OctetPtr)text, strlen(text));
data/motif-2.3.8/lib/Xm/ResEncod.c:2586:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctlen = strlen((char *)prop_rtn.value);
data/motif-2.3.8/lib/Xm/ResEncod.c:2607:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ctlen = strlen((char *)ctext);
data/motif-2.3.8/lib/Xm/ResEncod.c:2744:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tag);
data/motif-2.3.8/lib/Xm/ResEncod.c:2856:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/motif-2.3.8/lib/Xm/RowColumn.c:2437:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp += strlen(tmp);
data/motif-2.3.8/lib/Xm/RowColumn.c:3227:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b = XtMalloc(strlen(POPUP_PREFIX) + strlen(name) + 1);
data/motif-2.3.8/lib/Xm/RowColumn.c:3227:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
b = XtMalloc(strlen(POPUP_PREFIX) + strlen(name) + 1);
data/motif-2.3.8/lib/Xm/RowColumn.c:4124:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
data = (String)XtMalloc(strlen(RC_MenuAccelerator(rc)) + 1);
data/motif-2.3.8/lib/Xm/SSpinB.c:377:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
widget_name = XtMalloc(strlen(XtName(new)) + 10);
data/motif-2.3.8/lib/Xm/Scale.c:1806:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XTextExtents(sw->scale.font_struct, buff, strlen(buff),\
data/motif-2.3.8/lib/Xm/Scale.c:1848:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XTextExtents(sw->scale.font_struct, buff, strlen(buff),\
data/motif-2.3.8/lib/Xm/Scale.c:1890:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XTextExtents(sw->scale.font_struct, buff, strlen(buff),\
data/motif-2.3.8/lib/Xm/Scale.c:1937:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XTextExtents(sw->scale.font_struct, buff, strlen(buff),\
data/motif-2.3.8/lib/Xm/Scale.c:2839:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
diff = strlen(buffer) - sw->scale.decimal_points;
data/motif-2.3.8/lib/Xm/Scale.c:2841:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dec_point_size = strlen(loc_values->decimal_point);
data/motif-2.3.8/lib/Xm/Scale.c:2843:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(buffer); i >= diff; i--)
data/motif-2.3.8/lib/Xm/Scale.c:2932:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XTextExtents (sw->scale.font_struct, buffer, strlen(buffer),
data/motif-2.3.8/lib/Xm/Scale.c:3033:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sw->scale.foreground_GC, x, y, buffer, strlen(buffer));
data/motif-2.3.8/lib/Xm/Scale.c:3311:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen((char*) value);
data/motif-2.3.8/lib/Xm/Scale.c:3329:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(passtext);
data/motif-2.3.8/lib/Xm/Text.c:746:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
event_bindings = (char *)XtMalloc(strlen(_XmTextEventBindings1) +
data/motif-2.3.8/lib/Xm/Text.c:747:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(_XmTextEventBindings2) +
data/motif-2.3.8/lib/Xm/Text.c:748:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(_XmTextEventBindings3) + 1);
data/motif-2.3.8/lib/Xm/Text.c:2281:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(String)XtMalloc(strlen(_XmTextIn_XmTextVEventBindings) + 1);
data/motif-2.3.8/lib/Xm/Text.c:2351:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else block.length = strlen(block.ptr);
data/motif-2.3.8/lib/Xm/Text.c:3425:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
block.length = strlen(block.ptr);
data/motif-2.3.8/lib/Xm/Text.c:3627:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
escapement = XmbTextExtents((XFontSet)font, mb, strlen(mb),
data/motif-2.3.8/lib/Xm/Text.c:3679:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mb = XtRealloc(mb, strlen(mb)+strlen(over_mb)+1);
data/motif-2.3.8/lib/Xm/Text.c:3679:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mb = XtRealloc(mb, strlen(mb)+strlen(over_mb)+1);
data/motif-2.3.8/lib/Xm/Text.c:3685:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mb = XtRealloc(mb, strlen(mb) + (recover_len + 1 ) * tw->text.char_size);
data/motif-2.3.8/lib/Xm/Text.c:3692:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(mb);
data/motif-2.3.8/lib/Xm/Text.c:3693:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(mb, ptr, total_mb_len);
data/motif-2.3.8/lib/Xm/Text.c:3720:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
block.length = strlen(mb);
data/motif-2.3.8/lib/Xm/Text.c:3833:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(mb);
data/motif-2.3.8/lib/Xm/Text.c:4203:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s_size = ((name) ? strlen(name) : 0) + 3;
data/motif-2.3.8/lib/Xm/TextF.c:95:9: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define wcslen(c) _Xwcslen(c)
data/motif-2.3.8/lib/Xm/TextF.c:97:9: [1] (buffer) wcsncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define wcsncpy(d,s,l) _Xwcsncpy(d,s,l)
data/motif-2.3.8/lib/Xm/TextF.c:138:9: [1] (buffer) wcsncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or
automatically resizing strings.
#define wcsncat(w1,w2,l) _Xmwcsncat(w1,w2,l)
data/motif-2.3.8/lib/Xm/TextF.c:6779:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
event_bindings = (char *)XtMalloc((unsigned) (strlen(EventBindings1) +
data/motif-2.3.8/lib/Xm/TextF.c:6780:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EventBindings2) +
data/motif-2.3.8/lib/Xm/TextF.c:6781:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EventBindings3) + 1));
data/motif-2.3.8/lib/Xm/TextF.c:6982:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_len = strlen(value);
data/motif-2.3.8/lib/Xm/TextF.c:7007:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
num_conv = strlen(curr_str);
data/motif-2.3.8/lib/Xm/TextF.c:7059:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tf->text.string_length = strlen(start_temp);
data/motif-2.3.8/lib/Xm/TextF.c:7068:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_len = strlen(start_temp);
data/motif-2.3.8/lib/Xm/TextF.c:9166:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mb, strlen(mb), &overall_ink, NULL);
data/motif-2.3.8/lib/Xm/TextF.c:9251:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mb = XtRealloc(mb, strlen(mb)+strlen(over_mb)+1);
data/motif-2.3.8/lib/Xm/TextF.c:9251:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mb = XtRealloc(mb, strlen(mb)+strlen(over_mb)+1);
data/motif-2.3.8/lib/Xm/TextF.c:9257:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mb = XtRealloc(mb, strlen(mb)+(recover_len+1));
data/motif-2.3.8/lib/Xm/TextF.c:9259:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(mb);
data/motif-2.3.8/lib/Xm/TextF.c:9260:12: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(mb, ptr, recover_len);
data/motif-2.3.8/lib/Xm/TextF.c:9265:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PreeditVerifyReplace(tf, startPos, endPos, mb, strlen(mb),
data/motif-2.3.8/lib/Xm/TextF.c:9275:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(mb), True);
data/motif-2.3.8/lib/Xm/TextF.c:9304:24: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcslen(wc)+(recover_len+1)*sizeof(wchar_t));
data/motif-2.3.8/lib/Xm/TextF.c:9317:16: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = wcslen(wc);
data/motif-2.3.8/lib/Xm/TextF.c:9318:12: [1] (buffer) wcsncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or
automatically resizing strings.
wcsncat(wc, recover_wc, recover_len);
data/motif-2.3.8/lib/Xm/TextF.c:9327:5: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcslen(wc), PreCursor(tf), &end_preedit);
data/motif-2.3.8/lib/Xm/TextF.c:9336:46: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wcslen(wc), True);
data/motif-2.3.8/lib/Xm/TextF.c:9454:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((insert_length = strlen(mb)) > TEXT_MAX_INSERT_SIZE) {
data/motif-2.3.8/lib/Xm/TextF.c:9714:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(value);
data/motif-2.3.8/lib/Xm/TextF.c:9749:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((strlen(value) + 1) * sizeof(wchar_t)));
data/motif-2.3.8/lib/Xm/TextF.c:9750:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = mbstowcs(wbuf, value, (size_t)(strlen(value) + 1));
data/motif-2.3.8/lib/Xm/TextF.c:9774:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(value);
data/motif-2.3.8/lib/Xm/TextF.c:9908:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(value);
data/motif-2.3.8/lib/Xm/TextF.c:9913:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(1 + strlen(value)));
data/motif-2.3.8/lib/Xm/TextF.c:9914:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = mbstowcs(wc_value, value, (unsigned) (strlen(value) + 1));
data/motif-2.3.8/lib/Xm/TextFSel.c:250:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
num_chars = strlen(total_value);
data/motif-2.3.8/lib/Xm/TextFSel.c:256:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(total_value) + 1;
data/motif-2.3.8/lib/Xm/TextFSel.c:913:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_length = strlen(total_value);
data/motif-2.3.8/lib/Xm/TextFSel.c:1121:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prim_select->num_chars = strlen(total_value);
data/motif-2.3.8/lib/Xm/TextFSel.c:1133:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int tmp_len = strlen(total_value) + 1;
data/motif-2.3.8/lib/Xm/TextFind.c:50:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
search_length = _XmTextCountCharacters(search_string,strlen(search_string));
data/motif-2.3.8/lib/Xm/TextFind.c:513:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
search_length = _XmTextCountCharacters(search_string,strlen(search_string));
data/motif-2.3.8/lib/Xm/TextFunc.c:109:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
block.length = strlen(value);
data/motif-2.3.8/lib/Xm/TextIn.c:1104:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
XStoreBuffer(XtDisplay(tw), ptr, strlen(ptr), 0);
data/motif-2.3.8/lib/Xm/TextIn.c:1475:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
block.length = strlen(str);
data/motif-2.3.8/lib/Xm/TextSel.c:260:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
block.length = strlen(block.ptr);
data/motif-2.3.8/lib/Xm/TextSel.c:550:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*length = strlen((char*) *value);
data/motif-2.3.8/lib/Xm/TextSel.c:1017:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
block.length = strlen(block.ptr);
data/motif-2.3.8/lib/Xm/TextSel.c:1226:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
block.length = strlen(block.ptr);
data/motif-2.3.8/lib/Xm/TextStrSo.c:1551:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
num_chars = _XmTextCountCharacters(value, strlen(value));
data/motif-2.3.8/lib/Xm/TextStrSo.c:1682:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
block.length = strlen(value);
data/motif-2.3.8/lib/Xm/Transfer.c:2183:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cs -> length = total_value != NULL ? strlen(total_value) : 0;
data/motif-2.3.8/lib/Xm/Transfer.c:2303:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc_size += strlen(values[i]);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:103:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += strlen(textlist[i]);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:236:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(*buffer) + (separator ? 1 : 0) + tabs;
data/motif-2.3.8/lib/Xm/TxtPropCv.c:240:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(newstring, "\n");
data/motif-2.3.8/lib/Xm/TxtPropCv.c:312:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_so_far += strlen(text);
data/motif-2.3.8/lib/Xm/TxtPropCv.c:350:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
txt_len = strlen(compound_text) + 1;
data/motif-2.3.8/lib/Xm/TxtPropCv.c:407:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_size += (compound_text[i] ? strlen(compound_text[i]) : 0) +1;
data/motif-2.3.8/lib/Xm/TxtPropCv.c:426:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(ptr) + 1;
data/motif-2.3.8/lib/Xm/TxtPropCv.c:539:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
total_size += strlen(useable_text[i]) + 1;
data/motif-2.3.8/lib/Xm/TxtPropCv.c:547:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufptr += strlen(useable_text[i]) + 1;
data/motif-2.3.8/lib/Xm/TxtPropCv.c:619:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i++, ptr += strlen(ptr) + 1)
data/motif-2.3.8/lib/Xm/VendorS.c:1827:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void) sprintf(&buf[strlen(buf)], buf2, par[0], par[1], par[2], par[3],
data/motif-2.3.8/lib/Xm/VendorS.c:1838:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen (bp);
data/motif-2.3.8/lib/Xm/VendorS.c:1840:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (&buf2[pos], bp, (int) (newline_pos - bp + 1));
data/motif-2.3.8/lib/Xm/VirtKeys.c:856:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line[strlen(line) - 1] == '\n') skip = False;
data/motif-2.3.8/lib/Xm/VirtKeys.c:860:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (line[strlen(line) - 1] == '\n') continue;
data/motif-2.3.8/lib/Xm/VirtKeys.c:868:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (count + strlen(line) >= buffersize) {
data/motif-2.3.8/lib/Xm/VirtKeys.c:879:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
count += strlen(line);
data/motif-2.3.8/lib/Xm/VirtKeys.c:908:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vendorV = XtMalloc (strlen(vendor) + 20); /* assume rel.# is < 19 digits */
data/motif-2.3.8/lib/Xm/VirtKeys.c:997:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned char *)*binding, strlen(*binding));
data/motif-2.3.8/lib/Xm/VirtKeys.c:1024:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*binding = XtMalloc (strlen (currDefault->defaults) + 1);
data/motif-2.3.8/lib/Xm/VirtKeys.c:1034:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*binding = XtMalloc (strlen (defaultFallbackBindings) + 1);
data/motif-2.3.8/lib/Xm/VirtKeys.c:1042:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned char *)*binding, strlen(*binding));
data/motif-2.3.8/lib/Xm/XmExtUtil.c:360:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += strlen( newText );
data/motif-2.3.8/lib/Xm/XmExtUtil.c:391:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(newText);
data/motif-2.3.8/lib/Xm/XmExtUtil.c:401:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(text, "\n");
data/motif-2.3.8/lib/Xm/XmExtUtil.c:441:6: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(text, "\n");
data/motif-2.3.8/lib/Xm/XmI.h:96:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define XmStrlen(s) ((s) ? strlen(s) : 0)
data/motif-2.3.8/lib/Xm/XmIm.c:1075:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cpend = &tmp[strlen(tmp)];
data/motif-2.3.8/lib/Xm/XmIm.c:1076:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(tmp) < BUFSIZ);
data/motif-2.3.8/lib/Xm/XmIm.c:2254:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(tmp) < BUFSIZ);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2061:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fromVal.size = strlen(_XmRendFontName(rend));
data/motif-2.3.8/lib/Xm/XmRenderT.c:2662:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(CVTtransfervector, "");
data/motif-2.3.8/lib/Xm/XmRenderT.c:2665:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(CVTtransfervector, ",");
data/motif-2.3.8/lib/Xm/XmRenderT.c:2667:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(CVTtransfervector, "\n");
data/motif-2.3.8/lib/Xm/XmRenderT.c:2672:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chars_used = strlen(buffer);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2681:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(temp);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2691:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(str);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2706:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(temp + strlen(temp), " %f %d %d %d, ", tab -> value,
data/motif-2.3.8/lib/Xm/XmRenderT.c:2714:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(str);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2723:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(str);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2732:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(str);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2741:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(str);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2750:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size = strlen(str);
data/motif-2.3.8/lib/Xm/XmRenderT.c:2825:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_token -> string, &string[pos + 1], count);
data/motif-2.3.8/lib/Xm/XmString.c:878:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t_length = ((len >= 0) ? len : strlen (text));
data/motif-2.3.8/lib/Xm/XmString.c:1179:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (length == XmSTRING_TAG_STRLEN) length = strlen(tag);
data/motif-2.3.8/lib/Xm/XmString.c:2700:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
byte_count = strlen((char *)text);
data/motif-2.3.8/lib/Xm/XmString.c:6828:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(XmFALLBACK_CHARSET);
data/motif-2.3.8/lib/Xm/XmString.c:6833:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(XmFALLBACK_CHARSET);
data/motif-2.3.8/lib/Xm/XmString.c:6837:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(locale.tag, ptr, len);
data/motif-2.3.8/lib/Xm/XmString.c:7827:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen((char*) pattern->pattern) == char_len)
data/motif-2.3.8/lib/Xm/XmString.c:8019:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = XmStringComponentCreate(tag_type, strlen(tag), (XtPointer) tag);
data/motif-2.3.8/lib/Xm/XmString.c:8086:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result = XmStringConcatAndFree(result, XmStringComponentCreate(tag_type, strlen(tag), (XtPointer) tag));
data/motif-2.3.8/lib/Xm/XmString.c:8536:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!value || (length != strlen((char*) value))) {
data/motif-2.3.8/lib/Xm/XmString.c:8543:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen((char*) value);
data/motif-2.3.8/lib/Xm/XmString.c:8610:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!value || (length != strlen((char*) value))) {
data/motif-2.3.8/lib/Xm/XmString.c:8668:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!value || (length != strlen((char*)value))) {
data/motif-2.3.8/lib/Xm/XmString.c:8689:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!value || (length != strlen((char*)value))) {
data/motif-2.3.8/lib/Xm/XmString.c:8951:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*length = strlen((char*) *value);
data/motif-2.3.8/lib/Xm/XmString.c:9001:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*length = strlen(tag);
data/motif-2.3.8/lib/Xm/XmString.c:9152:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*length = strlen((char*) *value);
data/motif-2.3.8/lib/Xm/XmString.c:9518:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(rendition), rendition);
data/motif-2.3.8/lib/Xm/XmString.c:9525:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(rendition), rendition);
data/motif-2.3.8/lib/Xm/XmStringFunc.c:271:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(rendition), (XtPointer)rendition);
data/motif-2.3.8/lib/Xm/XmStringFunc.c:275:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(rendition), (XtPointer)rendition);
data/motif-2.3.8/lib/Xm/Xmos.c:163:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirCacheNameLen = strlen(qDirName);
data/motif-2.3.8/lib/Xm/Xmos.c:235:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirSpecLen = strlen(dirSpec);
data/motif-2.3.8/lib/Xm/Xmos.c:246:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
userDirLen = strlen(userDir);
data/motif-2.3.8/lib/Xm/Xmos.c:267:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
userDirLen = strlen(pwd_value->pw_dir);
data/motif-2.3.8/lib/Xm/Xmos.c:268:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirSpecLen = strlen(srcPtr);
data/motif-2.3.8/lib/Xm/Xmos.c:284:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
userDirLen = strlen(destPtr);
data/motif-2.3.8/lib/Xm/Xmos.c:301:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
userDirLen = strlen(outputBuf);
data/motif-2.3.8/lib/Xm/Xmos.c:460:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filterLen = strlen(filterSpec);
data/motif-2.3.8/lib/Xm/Xmos.c:478:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirLen = strlen(dirSpec);
data/motif-2.3.8/lib/Xm/Xmos.c:555:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
outputBuf = XtCalloc(2, strlen(pattern) + 4);
data/motif-2.3.8/lib/Xm/Xmos.c:601:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bufPtr, pattern, len);
data/motif-2.3.8/lib/Xm/Xmos.c:657:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
unsigned int dirLen = strlen(qualifiedDir);
data/motif-2.3.8/lib/Xm/Xmos.c:785:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirNameLen = strlen(dirName);
data/motif-2.3.8/lib/Xm/Xmos.c:796:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dirNameLen = strlen(dirName);
data/motif-2.3.8/lib/Xm/Xmos.c:1025:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
homeDir = XtMalloc (strlen(ptr) + 1);
data/motif-2.3.8/lib/Xm/Xmos.c:1246:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = XtCalloc(1, (9*strlen(homedir) + strlen(PATH_DEFAULT) +
data/motif-2.3.8/lib/Xm/Xmos.c:1246:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = XtCalloc(1, (9*strlen(homedir) + strlen(PATH_DEFAULT) +
data/motif-2.3.8/lib/Xm/Xmos.c:1247:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
8*strlen(libdir) + strlen(incdir) + 1));
data/motif-2.3.8/lib/Xm/Xmos.c:1247:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
8*strlen(libdir) + strlen(incdir) + 1));
data/motif-2.3.8/lib/Xm/Xmos.c:1255:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = XtCalloc(1, (8*strlen(old_path) + 2*strlen(homedir) +
data/motif-2.3.8/lib/Xm/Xmos.c:1255:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = XtCalloc(1, (8*strlen(old_path) + 2*strlen(homedir) +
data/motif-2.3.8/lib/Xm/Xmos.c:1256:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(XAPPLRES_DEFAULT) + 8*strlen(libdir) +
data/motif-2.3.8/lib/Xm/Xmos.c:1256:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(XAPPLRES_DEFAULT) + 8*strlen(libdir) +
data/motif-2.3.8/lib/Xm/Xmos.c:1257:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(incdir) + 1));
data/motif-2.3.8/lib/Xm/Xmos.c:1267:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = XtMalloc(strlen(local_path) + 1);
data/motif-2.3.8/lib/Xm/Xmos.c:1328:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileName = XtMalloc (strlen (file) + 1);
data/motif-2.3.8/lib/Xm/Xmos.c:1333:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileName = XtMalloc (strlen(path) + strlen (file) + 2);
data/motif-2.3.8/lib/Xm/Xmos.c:1333:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fileName = XtMalloc (strlen(path) + strlen (file) + 2);
data/motif-2.3.8/lib/Xm/Xmos.c:1335:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat (fileName, "/");
data/motif-2.3.8/lib/Xm/Xmos.c:1418:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(imageName);
data/motif-2.3.8/lib/Xm/Xmos.c:1420:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(maskNameBuf, imageName, len);
data/motif-2.3.8/lib/Xm/Xmos.c:1449:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*num_bytes = strlen((char*) characters);
data/motif-2.3.8/lib/Xm/Xmos_r.h:257:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(p).len = strlen((p).pwp->pw_name);
data/motif-2.3.8/lib/Xm/Xmos_r.h:261:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(p).len = strlen((p).pwp->pw_passwd);
data/motif-2.3.8/lib/Xm/Xmos_r.h:265:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(p).len = strlen((p).pwp->pw_class);
data/motif-2.3.8/lib/Xm/Xmos_r.h:269:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(p).len = strlen((p).pwp->pw_gecos);
data/motif-2.3.8/lib/Xm/Xmos_r.h:273:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(p).len = strlen((p).pwp->pw_dir);
data/motif-2.3.8/lib/Xm/Xmos_r.h:277:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(p).len = strlen((p).pwp->pw_shell);
data/motif-2.3.8/lib/Xm/Xmos_r.h:287:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((p).len = strlen((p).pwp->pw_name)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:290:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((p).len = strlen((p).pwp->pw_passwd)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:293:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((p).len = strlen((p).pwp->pw_age)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:296:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((p).len = strlen((p).pwp->pw_comment)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:299:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((p).len = strlen((p).pwp->pw_gecos)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:302:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((p).len = strlen((p).pwp->pw_dir)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:305:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((p).len = strlen((p).pwp->pw_shell)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:716:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(strncpy((p).buf, (p).result, sizeof((p).buf)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:724:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(strncpy((p).buf, (p).result, sizeof((p).buf)), \
data/motif-2.3.8/lib/Xm/Xmos_r.h:900:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(strncpy((p).buf, (p).result, sizeof((p).buf)), (p).result = &(p).buf) : \
data/motif-2.3.8/lib/Xm/Xmos_r.h:907:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(strncpy((p).buf, (p).result, sizeof((p).buf)), (p).result = &(p).buf) : \
data/motif-2.3.8/lib/Xm/Xmos_r.h:1054:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((p).len = strlen((p).pgrp->gr_name)), \
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:143:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
used_size = strlen(buf);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:164:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
used_size += strlen(info->hints_cmt) + 5;
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:173:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(buf);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:182:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(buf);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:191:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(buf);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:199:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(buf);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:218:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
used_size += strlen(info->colors_cmt) + 5;
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:251:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
used_size += strlen(info->pixels_cmt) + 5;
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:292:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, *defaults++, cpp);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:303:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:316:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*data_size + l - *used_size) <= strlen(buf))
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:352:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, colors[*pixels].string, cpp); /* how can we trust *pixels? :-\ */
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:365:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, colors[*pixels].string, cpp); /* how can we trust *pixels? */
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:385:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(ext->name) + 11;
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:389:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(*line) + 4;
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:415:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(ext->name) + 11;
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:424:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(*line) + 4;
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:428:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(s, ",\n\"XPMENDEXT\"", data_size - (s-dataptr)-1);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:441:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += 5 + strlen(info->hints_cmt);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:444:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += 5 + strlen(info->colors_cmt);
data/motif-2.3.8/lib/Xm/XpmCrBufFrI.c:447:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += 5 + strlen(info->pixels_cmt);
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:158:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:167:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:218:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(sptr + 1) = *sptr + strlen(*sptr2) + 1;
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:259:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, *defaults++, cpp);
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:273:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s += strlen(s);
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:318:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, colors[*pixels].string, cpp); /* why trust pixel? */
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:332:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, colors[*pixels].string, cpp); /* why should we trust *pixel? */
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:354:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(ext->name) + 8;
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:357:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(*line) + 1;
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:383:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(dataptr + 1) = *dataptr + strlen(ext->name) + 8;
data/motif-2.3.8/lib/Xm/XpmCrDatFrI.c:390:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*(dataptr + 1) = *dataptr + strlen(*line) + 1;
data/motif-2.3.8/lib/Xm/XpmI.h:316:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(*mdata->cptr++) : (getc(mdata->stream.file)))
data/motif-2.3.8/lib/Xm/XpmRdFToI.c:155:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(filename);
data/motif-2.3.8/lib/Xm/XpmWrFFrBuf.c:56:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer);
data/motif-2.3.8/lib/Xm/XpmWrFFrI.c:122:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_name, name, sizeof(new_name));
data/motif-2.3.8/lib/Xm/XpmWrFFrI.c:133:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(new_name, name, sizeof(new_name));
data/motif-2.3.8/lib/Xm/XpmWrFFrI.c:261:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, colors[*pixels].string, cpp);
data/motif-2.3.8/lib/Xm/XpmWrFFrI.c:271:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(s, colors[*pixels].string, cpp);
data/motif-2.3.8/lib/Xm/XpmWrFFrI.c:323:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(filename);
data/motif-2.3.8/lib/Xm/Xpmdata.c:129:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(file);
data/motif-2.3.8/lib/Xm/Xpmdata.c:150:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(file);
data/motif-2.3.8/lib/Xm/Xpmdata.c:160:7: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(file);
data/motif-2.3.8/lib/Xm/Xpmdata.c:214:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(file)) != mdata->Eos && c != EOF);
data/motif-2.3.8/lib/Xm/Xpmdata.c:221:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(file)) != mdata->Bos && c != EOF)
data/motif-2.3.8/lib/Xm/Xpmdata.c:226:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(file)) == mdata->Bcmt[0])
data/motif-2.3.8/lib/Xm/Xpmdata.c:276:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(file)) != EOF && isspace(c) && c != mdata->Eos);
data/motif-2.3.8/lib/Xm/Xpmdata.c:280:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(file);
data/motif-2.3.8/lib/Xm/Xpmdata.c:309:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(p, start, n);
data/motif-2.3.8/lib/Xm/Xpmdata.c:316:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = getc(file)) == EOF)
data/motif-2.3.8/lib/Xm/Xpmdata.c:334:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(q, buf, i);
data/motif-2.3.8/lib/Xm/Xpmdata.c:341:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = getc(file);
data/motif-2.3.8/lib/Xm/Xpmdata.c:357:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(q, buf, i);
data/motif-2.3.8/lib/Xm/Xpmdata.c:384:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*cmt, mdata->Comment, mdata->CommentLength);
data/motif-2.3.8/lib/Xm/Xpmmisc.c:55:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s1) + 1;
data/motif-2.3.8/lib/Xm/Xpmparse.c:62:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(dst) + strlen(src)) < (dstsize)) \
data/motif-2.3.8/lib/Xm/Xpmparse.c:62:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(dst) + strlen(src)) < (dstsize)) \
data/motif-2.3.8/lib/Xm/Xpmparse.c:66:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(src) < (dstsize)) \
data/motif-2.3.8/lib/Xm/Xpmparse.c:408:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(*sptr) == l) && (!strncmp(*sptr, buf, l)))
data/motif-2.3.8/lib/Xm/Xpmparse.c:413:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(curbuf) + 1;
data/motif-2.3.8/lib/Xm/Xpmparse.c:441:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(curbuf) + 1; /* integer overflow just theoretically possible */
data/motif-2.3.8/lib/Xm/Xpmparse.c:496:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(curbuf) + 1;
data/motif-2.3.8/lib/Xm/Xpmparse.c:742:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ext->name, s + a, l - a - 6);
data/motif-2.3.8/lib/Xm/Xpmrgb.c:97:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(rgbname = (char *) XpmMalloc(strlen(name) + 1)))
data/motif-2.3.8/lib/Xm/Xpms_popen.c:59:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if((cmd == NULL) || (strlen(cmd)==0))
data/motif-2.3.8/lib/Xm/Xpms_popen.c:83:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if( (*(argv+i) = (char *) malloc((strlen(ptr)+1) * sizeof(char))) == NULL)
data/motif-2.3.8/localized/util/mkcatdefs.c:130:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int)strlen((t = strrchr(mname,'/')) ? t + 1 : mname) > MDIRSIZ) {
data/motif-2.3.8/localized/util/mkcatdefs.c:283:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp += strlen(msgname);
data/motif-2.3.8/localized/util/mkcatdefs.c:390:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp += strlen(msgname);
data/motif-2.3.8/localized/util/mkcatdefs.c:540:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr->regname = malloc(strlen(tname) + 1);
data/motif-2.3.8/localized/util/mkmsgcat.c:221:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(subs, "_");
data/motif-2.3.8/localized/util/mkmsgcat.c:224:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_subs = strlen(subs);
data/motif-2.3.8/tools/wml/wmldbcreate.c:523:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lengths[i] = strlen(table[i]) + 1;
data/motif-2.3.8/tools/wml/wmllex.c:843:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/motif-2.3.8/tools/wml/wmllex.c:1306:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(yystringval, (XmConst char *) yytext+1, yyleng - 2);
data/motif-2.3.8/tools/wml/wmllex.c:2084:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes(yystr,strlen(yystr) );
data/motif-2.3.8/tools/wml/wmlouth.c:785:1: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (maskbuf, "0");
data/motif-2.3.8/tools/wml/wmlouth.c:797:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (maskbuf, "0");
data/motif-2.3.8/tools/wml/wmlouth.c:890:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (maskbuf, " ");
data/motif-2.3.8/tools/wml/wmlouth.c:910:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (maskbuf, ",");
data/motif-2.3.8/tools/wml/wmlouth.c:1016:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (maskbuf, " ");
data/motif-2.3.8/tools/wml/wmlouth.c:1036:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (maskbuf, ",");
data/motif-2.3.8/tools/wml/wmlouth.c:1141:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (maskbuf, " ");
data/motif-2.3.8/tools/wml/wmlouth.c:1159:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (maskbuf, ",");
data/motif-2.3.8/tools/wml/wmlouth.c:1263:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (maskbuf, " ");
data/motif-2.3.8/tools/wml/wmlouth.c:1281:6: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (maskbuf, ",");
data/motif-2.3.8/tools/wml/wmloutkey.c:237:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( ndx=0 ; ndx<(int)strlen(sens_name) ; ndx++ )
data/motif-2.3.8/tools/wml/wmloutkey.c:514:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( ndx=0 ; ndx<(int)strlen(insens_name) ; ndx++ )
data/motif-2.3.8/tools/wml/wmloutkey.c:624:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(tokstg),
data/motif-2.3.8/tools/wml/wmloutkey.c:627:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( (int)strlen(tokstg) > *maxlen )
data/motif-2.3.8/tools/wml/wmloutkey.c:628:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*maxlen = strlen (tokstg);
data/motif-2.3.8/tools/wml/wmloutkey.c:708:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (dststg, "0");
data/motif-2.3.8/tools/wml/wmloutkey.c:715:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy (dststg, "0");
data/motif-2.3.8/tools/wml/wmluiltok.c:666:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( yyin )) != EOF && c != '\n'; ++n ) \
data/motif-2.3.8/tools/wml/wmluiltok.c:883:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc (strlen ((XmConst char *)yytext) + 1), (XmConst char *)yytext);
data/motif-2.3.8/tools/wml/wmluiltok.c:891:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc (strlen ((XmConst char *)yytext) + 1), (XmConst char *)yytext);
data/motif-2.3.8/tools/wml/wmluiltok.c:897:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc (strlen ((XmConst char *)yytext) + 1), (XmConst char *)yytext);
data/motif-2.3.8/tools/wml/wmluiltok.c:903:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
malloc (strlen ((XmConst char *)yytext) + 1), (XmConst char *)yytext);
data/motif-2.3.8/tools/wml/wmluiltok.c:1681:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return yy_scan_bytes(yystr,strlen(yystr) );
data/motif-2.3.8/tools/wml/wmlutils.c:62:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dynstg = (char *) malloc (strlen(stg)+1);
data/motif-2.3.8/tools/wml/wmlutils.c:84:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for ( ndx=0 ; ndx<strlen(stg) ; ndx++ )
ANALYSIS SUMMARY:
Hits = 3682
Lines analyzed = 689956 in approximately 15.08 seconds (45743 lines/second)
Physical Source Lines of Code (SLOC) = 463470
Hits@level = [0] 979 [1] 1152 [2] 1583 [3] 40 [4] 902 [5] 5
Hits@level+ = [0+] 4661 [1+] 3682 [2+] 2530 [3+] 947 [4+] 907 [5+] 5
Hits/KSLOC@level+ = [0+] 10.0567 [1+] 7.94442 [2+] 5.45882 [3+] 2.04328 [4+] 1.95698 [5+] 0.0107882
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.