Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/ncftp-3.2.5/autoconf_local/acconfig.h Examining data/ncftp-3.2.5/libncftp/c_chdir.c Examining data/ncftp-3.2.5/libncftp/c_chdir3.c Examining data/ncftp-3.2.5/libncftp/c_chdirlist.c Examining data/ncftp-3.2.5/libncftp/c_chmod.c Examining data/ncftp-3.2.5/libncftp/c_delete.c Examining data/ncftp-3.2.5/libncftp/c_exists.c Examining data/ncftp-3.2.5/libncftp/c_filetype.c Examining data/ncftp-3.2.5/libncftp/c_getcwd.c Examining data/ncftp-3.2.5/libncftp/c_mkdir.c Examining data/ncftp-3.2.5/libncftp/c_mlist1.c Examining data/ncftp-3.2.5/libncftp/c_modtime.c Examining data/ncftp-3.2.5/libncftp/c_opennologin.c Examining data/ncftp-3.2.5/libncftp/c_rename.c Examining data/ncftp-3.2.5/libncftp/c_rhelp.c Examining data/ncftp-3.2.5/libncftp/c_rmdirr.c Examining data/ncftp-3.2.5/libncftp/c_size.c Examining data/ncftp-3.2.5/libncftp/c_sizemdtm.c Examining data/ncftp-3.2.5/libncftp/c_symlink.c Examining data/ncftp-3.2.5/libncftp/c_type.c Examining data/ncftp-3.2.5/libncftp/c_umask.c Examining data/ncftp-3.2.5/libncftp/c_utime.c Parsing failed to find end of parameter list; semicolon terminated it in (buf, sizeof(buf) - 1, "%04d%02d%02d%02d%02d%02d", #else (void) sprintf(buf, "%04d%02d%02d%02d%02d%02d", #endif gt.tm_year + 1900, gt.tm_mon + 1, gt.tm_mday, gt.tm_hour, gt.tm_min, Examining data/ncftp-3.2.5/libncftp/errno.c Examining data/ncftp-3.2.5/libncftp/ftp.c Examining data/ncftp-3.2.5/libncftp/ftp.h Examining data/ncftp-3.2.5/libncftp/ftw.c Examining data/ncftp-3.2.5/libncftp/io_get.c Examining data/ncftp-3.2.5/libncftp/io_getfiles.c Examining data/ncftp-3.2.5/libncftp/io_getmem.c Examining data/ncftp-3.2.5/libncftp/io_getonefile.c Examining data/ncftp-3.2.5/libncftp/io_gettar.c Examining data/ncftp-3.2.5/libncftp/io_list.c Examining data/ncftp-3.2.5/libncftp/io_listmem.c Examining data/ncftp-3.2.5/libncftp/io_put.c Examining 
data/ncftp-3.2.5/libncftp/io_putfiles.c Examining data/ncftp-3.2.5/libncftp/io_putmem.c Examining data/ncftp-3.2.5/libncftp/io_putonefile.c Examining data/ncftp-3.2.5/libncftp/io_util.c Examining data/ncftp-3.2.5/libncftp/lglob.c Examining data/ncftp-3.2.5/libncftp/lglobr.c Examining data/ncftp-3.2.5/libncftp/linelist.c Examining data/ncftp-3.2.5/libncftp/ncftp.h Examining data/ncftp-3.2.5/libncftp/ncftp_errno.h Examining data/ncftp-3.2.5/libncftp/open.c Examining data/ncftp-3.2.5/libncftp/rcmd.c Examining data/ncftp-3.2.5/libncftp/rftw.c Examining data/ncftp-3.2.5/libncftp/rglob.c Examining data/ncftp-3.2.5/libncftp/rglobr.c Examining data/ncftp-3.2.5/libncftp/syshdrs.h Examining data/ncftp-3.2.5/libncftp/u_close.c Examining data/ncftp-3.2.5/libncftp/u_decodehost.c Examining data/ncftp-3.2.5/libncftp/u_decodeurl.c Examining data/ncftp-3.2.5/libncftp/u_error.c Examining data/ncftp-3.2.5/libncftp/u_feat.c Examining data/ncftp-3.2.5/libncftp/u_fileextn.c Parsing failed to find end of parameter list; semicolon terminated it in (extnPattern, sizeof(extnPattern), #else sprintf(extnPattern, #endif "|.%s|", extn ); cp = extnPattern; forever { c = *cp; if (c == '\0') break; if (isupper(c)) { c = tolower(c); Examining data/ncftp-3.2.5/libncftp/u_getcwd.c Examining data/ncftp-3.2.5/libncftp/u_gethome.c Examining data/ncftp-3.2.5/libncftp/u_getopt.c Examining data/ncftp-3.2.5/libncftp/u_getpass.c Examining data/ncftp-3.2.5/libncftp/u_getpw.c Examining data/ncftp-3.2.5/libncftp/u_getusr.c Examining data/ncftp-3.2.5/libncftp/u_getutc.c Examining data/ncftp-3.2.5/libncftp/u_gmtime.c Examining data/ncftp-3.2.5/libncftp/u_localtime.c Examining data/ncftp-3.2.5/libncftp/u_misc.c Examining data/ncftp-3.2.5/libncftp/u_miscdebug.c Examining data/ncftp-3.2.5/libncftp/u_mkdirs.c Examining data/ncftp-3.2.5/libncftp/u_pathcat.c Examining data/ncftp-3.2.5/libncftp/u_printf.c Examining data/ncftp-3.2.5/libncftp/u_rebuildci.c Examining data/ncftp-3.2.5/libncftp/u_scram.c Examining 
data/ncftp-3.2.5/libncftp/u_shutdownci.c Examining data/ncftp-3.2.5/libncftp/u_signal.c Examining data/ncftp-3.2.5/libncftp/u_slash.c Examining data/ncftp-3.2.5/libncftp/u_unmdtm.c Examining data/ncftp-3.2.5/libncftp/unls.c Parsing failed to find end of parameter list; semicolon terminated it in (og, sizeof(og) - 1, #else sprintf(og, #endif /* HAVE_SNPRINTF */ " %-8.8s %s", mli.owner, mli.group ); STRNCAT(plug, og); } else { STRNCAT(plug, " "); STR Examining data/ncftp-3.2.5/libncftp/util.h Examining data/ncftp-3.2.5/libncftp/util2.cpp Examining data/ncftp-3.2.5/libncftp/wincfg.h Examining data/ncftp-3.2.5/libncftp/c_rmdir.c Examining data/ncftp-3.2.5/ncftp/bookmark.c Examining data/ncftp-3.2.5/ncftp/bookmark.h Examining data/ncftp-3.2.5/ncftp/cmdlist.c Examining data/ncftp-3.2.5/ncftp/cmds.c Examining data/ncftp-3.2.5/ncftp/cmds.h Examining data/ncftp-3.2.5/ncftp/gl_getline.c Examining data/ncftp-3.2.5/ncftp/gl_getline.h Examining data/ncftp-3.2.5/ncftp/log.c Examining data/ncftp-3.2.5/ncftp/log.h Examining data/ncftp-3.2.5/ncftp/ls.c Parsing failed to find end of parameter list; semicolon terminated it in (dstr, dsiz, #else (void) sprintf(dstr, #endif "%s %2d %4d", gLsMon[t.tm_mon], t.tm_mday, t.tm_year + 1900 ); } else { #ifdef HAVE_SNPRINTF (void) snprintf(dstr, dsiz, #else (voi Parsing failed to find end of parameter list; semicolon terminated it in (dstr, dsiz, #else (void) sprintf(dstr, #endif "%s %2d %02d:%02d", gLsMon[t.tm_mon], t.tm_mday, t.tm_hour, t.tm_min ); } } /* LsDate */ /* Does "ls -l", or the detailed /bin/ls Parsing failed to find end of parameter list; semicolon terminated it in ( plugspec, sizeof(plugspec) - 1, #else (void) sprintf( plugspec, #endif "%%-%ds", (int) dirp->maxPlugLen ); if (dirp->maxPlugLen < 29) { /* We have some extra space to work with, * Parsing failed to find end of parameter list; semicolon terminated it in ( sizestr, sizeof(sizestr) - 1, #else (void) sprintf( sizestr, #endif #if defined(HAVE_LONG_LONG) && 
defined(PRINTF_LONG_LONG) PRINTF_LONG_LONG, #else "%ld", #endif (longest Parsing failed to find end of parameter list; semicolon terminated it in ( plugstr, sizeof(plugstr) - 1, #else (void) sprintf( plugstr, #endif plugspec, diritemp->plug ); (void) fprintf(stream, "%s %12s %s%s %s%s%s%s%s\n", plugstr, sizestr, e Examining data/ncftp-3.2.5/ncftp/ls.h Examining data/ncftp-3.2.5/ncftp/main.h Examining data/ncftp-3.2.5/ncftp/pref.c Examining data/ncftp-3.2.5/ncftp/pref.h Examining data/ncftp-3.2.5/ncftp/preffw.c Examining data/ncftp-3.2.5/ncftp/progress.c Examining data/ncftp-3.2.5/ncftp/progress.h Examining data/ncftp-3.2.5/ncftp/readln.c Examining data/ncftp-3.2.5/ncftp/readln.h Examining data/ncftp-3.2.5/ncftp/resource.h Examining data/ncftp-3.2.5/ncftp/shell.c Examining data/ncftp-3.2.5/ncftp/shell.h Examining data/ncftp-3.2.5/ncftp/spool.c Examining data/ncftp-3.2.5/ncftp/spool.h Examining data/ncftp-3.2.5/ncftp/spoolutil.c Parsing failed to find end of parameter list; semicolon terminated it in (sp, size - 1, # else (void) sprintf(sp, # endif "%c-%s-%06d-%d", flag, dstr, (unsigned int) getpid(), serial ); #endif } /* SpoolName */ static int WriteSpoolLine(FILE *const ofp, con Examining data/ncftp-3.2.5/ncftp/syshdrs.h Examining data/ncftp-3.2.5/ncftp/trace.c Examining data/ncftp-3.2.5/ncftp/trace.h Examining data/ncftp-3.2.5/ncftp/util.c Examining data/ncftp-3.2.5/ncftp/util.h Examining data/ncftp-3.2.5/ncftp/version.c Examining data/ncftp-3.2.5/ncftp/main.c Examining data/ncftp-3.2.5/sh_util/gpshare.h Examining data/ncftp-3.2.5/sh_util/ncftpbatch.c Examining data/ncftp-3.2.5/sh_util/ncftpget.c Examining data/ncftp-3.2.5/sh_util/ncftpls.c Examining data/ncftp-3.2.5/sh_util/ncftpput.c Examining data/ncftp-3.2.5/sh_util/resource.h Examining data/ncftp-3.2.5/sh_util/syshdrs.h Examining data/ncftp-3.2.5/sh_util/gpshare.c Examining data/ncftp-3.2.5/sio/DNSUtil.c Examining data/ncftp-3.2.5/sio/main.c Examining data/ncftp-3.2.5/sio/PRead.c Examining 
data/ncftp-3.2.5/sio/PWrite.c Examining data/ncftp-3.2.5/sio/SAccept.c Examining data/ncftp-3.2.5/sio/SBind.c Examining data/ncftp-3.2.5/sio/SClose.c Examining data/ncftp-3.2.5/sio/SConnect.c Examining data/ncftp-3.2.5/sio/SConnectByName.c Examining data/ncftp-3.2.5/sio/SError.c Examining data/ncftp-3.2.5/sio/sio.h Examining data/ncftp-3.2.5/sio/SNew.c Examining data/ncftp-3.2.5/sio/SocketUtil.c Examining data/ncftp-3.2.5/sio/SRead.c Examining data/ncftp-3.2.5/sio/SReadline.c Examining data/ncftp-3.2.5/sio/SRecv.c Examining data/ncftp-3.2.5/sio/SRecvfrom.c Examining data/ncftp-3.2.5/sio/SRecvmsg.c Examining data/ncftp-3.2.5/sio/SSelect.c Examining data/ncftp-3.2.5/sio/SSend.c Examining data/ncftp-3.2.5/sio/SSendto.c Examining data/ncftp-3.2.5/sio/SSendtoByName.c Examining data/ncftp-3.2.5/sio/StrAddr.c Parsing failed to find end of parameter list; semicolon terminated it in (dst, dsize, #else sprintf(dst, #endif "%u", (unsigned int) port); return (0); /* error */ } /* ServicePortNumberToName */ void InetNtoA(char *dst, struct in_addr *ia, size_t siz) { #if defin Examining data/ncftp-3.2.5/sio/SWait.c Examining data/ncftp-3.2.5/sio/SWrite.c Examining data/ncftp-3.2.5/sio/syshdrs.h Examining data/ncftp-3.2.5/sio/UAccept.c Examining data/ncftp-3.2.5/sio/UBind.c Examining data/ncftp-3.2.5/sio/UConnect.c Examining data/ncftp-3.2.5/sio/UConnectByName.c Examining data/ncftp-3.2.5/sio/UNew.c Examining data/ncftp-3.2.5/sio/URecvfrom.c Examining data/ncftp-3.2.5/sio/USendto.c Examining data/ncftp-3.2.5/sio/USendtoByName.c Examining data/ncftp-3.2.5/sio/usio.h Examining data/ncftp-3.2.5/sio/wincfg.h Examining data/ncftp-3.2.5/Strn/DStrCat.c Examining data/ncftp-3.2.5/Strn/DStrCatList.c Examining data/ncftp-3.2.5/Strn/DStrCpy.c Examining data/ncftp-3.2.5/Strn/DStrCpyList.c Examining data/ncftp-3.2.5/Strn/DStrFree.c Examining data/ncftp-3.2.5/Strn/DStrInit.c Examining data/ncftp-3.2.5/Strn/DStrInternal.h Examining data/ncftp-3.2.5/Strn/DStrNew.c Examining 
data/ncftp-3.2.5/Strn/Dynscat.c Examining data/ncftp-3.2.5/Strn/Dynscpy.c Examining data/ncftp-3.2.5/Strn/Dynsrecpy.c Examining data/ncftp-3.2.5/Strn/StrFree.c Examining data/ncftp-3.2.5/Strn/Strn.h Examining data/ncftp-3.2.5/Strn/Strncat.c Examining data/ncftp-3.2.5/Strn/Strncat_NoZeroPad.c Examining data/ncftp-3.2.5/Strn/Strncpy.c Examining data/ncftp-3.2.5/Strn/Strncpy_NoZeroPad.c Examining data/ncftp-3.2.5/Strn/Strnpcat.c Examining data/ncftp-3.2.5/Strn/Strnpcpy.c Examining data/ncftp-3.2.5/Strn/Strntok.c Examining data/ncftp-3.2.5/Strn/strtokc.c Examining data/ncftp-3.2.5/Strn/syshdrs.h Examining data/ncftp-3.2.5/vis/bmed.c Examining data/ncftp-3.2.5/vis/bmed.h Examining data/ncftp-3.2.5/vis/syshdrs.h Examining data/ncftp-3.2.5/vis/wgets.c Examining data/ncftp-3.2.5/vis/wgets.h Examining data/ncftp-3.2.5/vis/wutil.c Parsing failed to find end of parameter list; semicolon terminated it in ( buf, sizeof(buf) - 1, #else (void) sprintf( buf, #endif (shortMode != 0) ? "%d %d\n" : "COLUMNS=%d\nLINES=%d\nexport COLUMNS\nexport LINES\n", maxx, maxy ); (void) write(1, b Examining data/ncftp-3.2.5/vis/wutil.h Examining data/ncftp-3.2.5/win/bmed/bmed.cpp Examining data/ncftp-3.2.5/win/bmed/bmed.h Examining data/ncftp-3.2.5/win/bmed/bmedDlg.cpp Examining data/ncftp-3.2.5/win/bmed/bmedDlg.h Examining data/ncftp-3.2.5/win/bmed/bookmark.c Examining data/ncftp-3.2.5/win/bmed/bookmark.h Examining data/ncftp-3.2.5/win/bmed/BookmarkProperties.cpp Examining data/ncftp-3.2.5/win/bmed/BookmarkProperties.h Examining data/ncftp-3.2.5/win/bmed/resource.h Examining data/ncftp-3.2.5/win/bmed/StdAfx.cpp Examining data/ncftp-3.2.5/win/bmed/StdAfx.h Examining data/ncftp-3.2.5/win/bmed/syshdrs.h Examining data/ncftp-3.2.5/win/bmed/util.c Examining data/ncftp-3.2.5/win/bmed/util.h FINAL RESULTS: data/ncftp-3.2.5/libncftp/lglobr.c:69:8: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. 
Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if (readlink(ftwip->curPath, fi.rlinkto, 255) < 0) { data/ncftp-3.2.5/ncftp/bookmark.c:307:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. (void) chmod(pathName, 00600); data/ncftp-3.2.5/ncftp/bookmark.c:705:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. (void) chmod(pathName, 00600); data/ncftp-3.2.5/ncftp/preffw.c:344:11: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. (void) chmod(pathName, 00600); data/ncftp-3.2.5/ncftp/readln.c:664:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. (void) chmod(pathName, 00600); data/ncftp-3.2.5/ncftp/trace.c:134:10: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. (void) chmod(pathName, 00600); data/ncftp-3.2.5/win/bmed/bookmark.c:307:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. (void) chmod(pathName, 00600); data/ncftp-3.2.5/win/bmed/bookmark.c:705:9: [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead. (void) chmod(pathName, 00600); data/ncftp-3.2.5/Strn/Strntok.c:143:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(buf, argv[1]); data/ncftp-3.2.5/Strn/Strntok.c:155:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, argv[1]); data/ncftp-3.2.5/Strn/Strntok.c:167:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, argv[1]); data/ncftp-3.2.5/Strn/strtokc.c:204:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, argv[1]); data/ncftp-3.2.5/Strn/strtokc.c:216:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, argv[1]); data/ncftp-3.2.5/Strn/strtokc.c:228:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf, argv[1]); data/ncftp-3.2.5/libncftp/c_chdirlist.c:40:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cdstr, lp->line); data/ncftp-3.2.5/libncftp/c_size.c:54:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. 
(void) sscanf(rp->msg.first->line, SCANF_LONG_LONG, size); [Note: the format argument in this call is the macro SCANF_LONG_LONG rather than a string literal, so the unbounded-%s warning cannot be confirmed from this line alone; check the macro's definition, which this report does not show. The same applies to the unls.c:230, unls.c:543 and unls.c:855 sscanf hits.] data/ncftp-3.2.5/libncftp/io_gettar.c:47:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(TAR, X_OK) < 0) { data/ncftp-3.2.5/libncftp/io_gettar.c:80:10: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execv(TAR, argv); data/ncftp-3.2.5/libncftp/lglob.c:144:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(cmd, "%s -c \"%s %s %s\"", "/bin/sh", "/bin/ls", data/ncftp-3.2.5/libncftp/lglob.c:148:16: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. fp = (FILE *) popen(cmd, "r"); [Note: the lglob.c:144 and lglob.c:148 hits appear to describe one path, since the cmd buffer filled by sprintf is presumably the string later handed to popen; triage them together, reviewing both the buffer size and the shell quoting of the sprintf arguments that are cut off in the excerpt.] data/ncftp-3.2.5/libncftp/ncftp.h:166:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # ifndef vsnprintf data/ncftp-3.2.5/libncftp/ncftp.h:167:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define vsnprintf _vsnprintf data/ncftp-3.2.5/libncftp/ncftp.h:169:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
# ifndef snprintf data/ncftp-3.2.5/libncftp/ncftp.h:170:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define snprintf _snprintf data/ncftp-3.2.5/libncftp/ncftp.h:170:20: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define snprintf _snprintf data/ncftp-3.2.5/libncftp/ncftp.h:880:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 2, 3))) data/ncftp-3.2.5/libncftp/ncftp.h:1010:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 2, 0))) data/ncftp-3.2.5/libncftp/ncftp.h:1021:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 5, 6))) data/ncftp-3.2.5/libncftp/ncftp.h:1026:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 7, 8))) data/ncftp-3.2.5/libncftp/ncftp.h:1031:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 7, 0))) data/ncftp-3.2.5/libncftp/ncftp.h:1042:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
__attribute__ ((format (printf, 2, 3))) data/ncftp-3.2.5/libncftp/ncftp.h:1101:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 3, 4))) data/ncftp-3.2.5/libncftp/ncftp.h:1106:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 2, 3))) data/ncftp-3.2.5/libncftp/ncftp.h:1111:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 3, 4))) data/ncftp-3.2.5/libncftp/rcmd.c:377:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) vsnprintf(command, sizeof(command) - 1, cmdspec, ap); data/ncftp-3.2.5/libncftp/rcmd.c:380:9: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. (void) vsprintf(command, cmdspec, ap); data/ncftp-3.2.5/libncftp/rglob.c:163:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(lp->line, "%s%s", patPrefix, cur); data/ncftp-3.2.5/libncftp/syshdrs.h:82:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # ifndef vsnprintf data/ncftp-3.2.5/libncftp/syshdrs.h:83:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
# define vsnprintf _vsnprintf data/ncftp-3.2.5/libncftp/syshdrs.h:85:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # ifndef snprintf data/ncftp-3.2.5/libncftp/syshdrs.h:86:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define snprintf _snprintf data/ncftp-3.2.5/libncftp/syshdrs.h:86:20: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define snprintf _snprintf data/ncftp-3.2.5/libncftp/u_error.c:46:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(buf + buflen, sizeof(buf) - 1 - buflen, fmt, ap); data/ncftp-3.2.5/libncftp/u_error.c:49:9: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. (void) vsprintf(buf + buflen, fmt, ap); data/ncftp-3.2.5/libncftp/u_fileextn.c:42:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(extnPattern, sizeof(extnPattern), data/ncftp-3.2.5/libncftp/u_fileextn.c:44:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(extnPattern, data/ncftp-3.2.5/libncftp/u_getpass.c:22:7: [4] (misc) getpass: This function is obsolete and not portable. It was in SUSv2 but removed by POSIX.2. 
What it does exactly varies considerably between systems, particularly in where its prompt is displayed and where it gets its data (e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do exactly what you want. If you continue to use it, or write your own, be sure to zero the password as soon as possible to avoid leaving the cleartext password visible in the process' address space. cp = getpass(prompt); data/ncftp-3.2.5/libncftp/u_getpw.c:153:8: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead. cp = getlogin(); data/ncftp-3.2.5/libncftp/u_mkdirs.c:69:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(newdir, F_OK) == 0) { data/ncftp-3.2.5/libncftp/u_mkdirs.c:136:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. rc = access(s, F_OK); data/ncftp-3.2.5/libncftp/u_printf.c:42:10: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. (void) vfprintf(cip->debugLog, fmt, ap); data/ncftp-3.2.5/libncftp/u_printf.c:50:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) vsnprintf(buf + tbuflen, sizeof(buf) - tbuflen - 1, fmt, ap); data/ncftp-3.2.5/libncftp/u_printf.c:53:10: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. (void) vsprintf(buf + tbuflen, fmt, ap); data/ncftp-3.2.5/libncftp/unls.c:230:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. (void) sscanf(sizestart, SCANF_LONG_LONG, fsize); data/ncftp-3.2.5/libncftp/unls.c:543:10: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. (void) sscanf(sizestart, SCANF_LONG_LONG, fsize); data/ncftp-3.2.5/libncftp/unls.c:855:11: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable. (void) sscanf(val, SCANF_LONG_LONG, &mlip->fsize); data/ncftp-3.2.5/libncftp/unls.c:986:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(plug + 1, "%s%s%s", cm1, cm2, cm3); data/ncftp-3.2.5/libncftp/unls.c:991:6: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(og, sizeof(og) - 1, data/ncftp-3.2.5/libncftp/unls.c:993:6: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(og, data/ncftp-3.2.5/ncftp/cmds.c:111:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 1, 2))) data/ncftp-3.2.5/ncftp/cmds.c:133:7: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. fp = popen((pprog[0] == '\0') ? "more" : pprog, "w"); data/ncftp-3.2.5/ncftp/cmds.c:230:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) vsnprintf(buf, sizeof(buf) - 1, fmt, ap); data/ncftp-3.2.5/ncftp/cmds.c:233:9: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. (void) vsprintf(buf, fmt, ap); data/ncftp-3.2.5/ncftp/cmds.c:949:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. (void) sprintf(modstr, "%u " PRINTF_ULONG_LONG, (unsigned int) st.st_mtime, (longest_uint) st.st_size); data/ncftp-3.2.5/ncftp/cmds.c:987:11: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
result = system(cmdbuf); data/ncftp-3.2.5/ncftp/cmds.c:1014:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. (void) sprintf(modstr, "%u " PRINTF_ULONG_LONG, (unsigned int) st.st_mtime, (longest_uint) st.st_size); data/ncftp-3.2.5/ncftp/cmds.c:1092:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) fprintf(stdout, data/ncftp-3.2.5/ncftp/cmds.c:1109:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) fprintf(stdout, data/ncftp-3.2.5/ncftp/cmds.c:1127:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) fprintf(stdout, data/ncftp-3.2.5/ncftp/cmds.c:1443:13: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) printf(spec, cmdnames[k]); data/ncftp-3.2.5/ncftp/cmds.c:1554:18: [4] (shell) WinExec: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. winExecResult = WinExec(prog, SW_SHOWNORMAL); data/ncftp-3.2.5/ncftp/cmds.c:1632:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(ncftpbookmarks, X_OK) < 0) { data/ncftp-3.2.5/ncftp/cmds.c:1645:3: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). 
try using a library call that implements the same functionality if available. execv(ncftpbookmarks, av); data/ncftp-3.2.5/ncftp/cmds.c:2010:9: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. infp = popen(incmd, "r"); data/ncftp-3.2.5/ncftp/cmds.c:2084:9: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) system(cmd); data/ncftp-3.2.5/ncftp/cmds.c:2431:17: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len = (size_t) vsnprintf(buf, sizeof(buf) - 1, fmt, ap); data/ncftp-3.2.5/ncftp/cmds.c:2435:9: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. (void) vsprintf(buf, fmt, ap); data/ncftp-3.2.5/ncftp/cmds.c:3040:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) fprintf(stdout, data/ncftp-3.2.5/ncftp/cmds.c:3058:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) fprintf(stdout, data/ncftp-3.2.5/ncftp/cmds.c:3081:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) fprintf(stdout, data/ncftp-3.2.5/ncftp/cmds.c:3095:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
(void) fprintf(stdout, data/ncftp-3.2.5/ncftp/cmds.c:3569:4: [4] (shell) execl: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execl(gShell, cp, NULL); data/ncftp-3.2.5/ncftp/cmds.c:3583:4: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execvp(margv[0], margv); data/ncftp-3.2.5/ncftp/cmds.h:69:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 2, 3))) [Reviewer note: the flagged text is a GCC `format` attribute on a declaration, not a printf call. The attribute asks the compiler to check callers' arguments against the format string, so this hit can be triaged as a false positive; the call sites of the annotated function are what need review.] data/ncftp-3.2.5/ncftp/gl_getline.c:654:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(path, "%s%s", gl_home_dir, "/.inputrc"); data/ncftp-3.2.5/ncftp/gl_getline.c:812:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gl_buf, hist_prev()); data/ncftp-3.2.5/ncftp/gl_getline.c:818:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gl_buf, hist_next()); data/ncftp-3.2.5/ncftp/gl_getline.c:966:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gl_buf, hist_next()); data/ncftp-3.2.5/ncftp/gl_getline.c:974:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(gl_buf, hist_prev()); data/ncftp-3.2.5/ncftp/gl_getline.c:997:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gl_buf, hist_prev()); data/ncftp-3.2.5/ncftp/gl_getline.c:1003:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gl_buf, hist_next()); data/ncftp-3.2.5/ncftp/gl_getline.c:1245:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gl_killbuf, gl_buf + pos); data/ncftp-3.2.5/ncftp/gl_getline.c:1370:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(last_prompt, prompt); data/ncftp-3.2.5/ncftp/gl_getline.c:1595:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(s, p); data/ncftp-3.2.5/ncftp/gl_getline.c:1712:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gl_buf, hist_buf[hist_pos]); data/ncftp-3.2.5/ncftp/gl_getline.c:1759:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(gl_buf, p); data/ncftp-3.2.5/ncftp/gl_getline.c:1793:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gl_buf, p); data/ncftp-3.2.5/ncftp/gl_getline.c:2219:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gl_home_dir, homepath); data/ncftp-3.2.5/ncftp/gl_getline.c:2230:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(gl_home_dir, homedrive); data/ncftp-3.2.5/ncftp/gl_getline.c:2231:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(gl_home_dir, homepath); data/ncftp-3.2.5/ncftp/gl_getline.c:2251:19: [4] (misc) getlogin: It's often easy to fool getlogin. Sometimes it does not work at all, because some program messed up the utmp file. Often, it gives only the first 8 characters of the login name. The user currently logged in on the controlling tty of our program need not be the user who started it. Avoid getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid()) and extract the desired information instead. cp = (char *) getlogin(); data/ncftp-3.2.5/ncftp/ls.c:268:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) snprintf(dstr, dsiz, data/ncftp-3.2.5/ncftp/ls.c:270:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
(void) sprintf(dstr, data/ncftp-3.2.5/ncftp/ls.c:279:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) snprintf(dstr, dsiz, data/ncftp-3.2.5/ncftp/ls.c:281:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. (void) sprintf(dstr, data/ncftp-3.2.5/ncftp/ls.c:320:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) snprintf( data/ncftp-3.2.5/ncftp/ls.c:324:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. (void) sprintf( data/ncftp-3.2.5/ncftp/ls.c:372:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) snprintf( data/ncftp-3.2.5/ncftp/ls.c:376:11: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. (void) sprintf( data/ncftp-3.2.5/ncftp/ls.c:389:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) snprintf( data/ncftp-3.2.5/ncftp/ls.c:393:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. (void) sprintf( data/ncftp-3.2.5/ncftp/progress.c:135:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
(void) sprintf(line, "%-32s %10lld bytes %6.2f %s/s", data/ncftp-3.2.5/ncftp/progress.c:142:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-32s %10qd bytes %6.2f %s/s", data/ncftp-3.2.5/ncftp/progress.c:149:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-32s %10I64d bytes %6.2f %s/s", data/ncftp-3.2.5/ncftp/progress.c:156:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-32s %10ld bytes %6.2f %s/s", data/ncftp-3.2.5/ncftp/progress.c:266:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-32s ETA: %3d:%02d %6.2f/%6.2f %.2s %6.2f %.2s/s %s ", data/ncftp-3.2.5/ncftp/progress.c:297:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-53s %6.2f %.2s %6.2f %.2s/s ", data/ncftp-3.2.5/ncftp/progress.c:312:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-46s %6.2f/%6.2f %.2s %6.2f %.2s/s ", data/ncftp-3.2.5/ncftp/progress.c:400:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, spec1, " ", cip->expectedSize); data/ncftp-3.2.5/ncftp/progress.c:403:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, spec1, " ", cip->expectedSize); data/ncftp-3.2.5/ncftp/progress.c:406:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
fprintf(stderr, spec1, " ", cip->expectedSize); data/ncftp-3.2.5/ncftp/progress.c:409:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, spec1, " ", (long) cip->expectedSize); data/ncftp-3.2.5/ncftp/progress.c:432:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(spec3, "%%%ds %%lld bytes. %s%%3d:%%02d", data/ncftp-3.2.5/ncftp/progress.c:437:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(spec3, "%%%ds %%qd bytes. %s%%3d:%%02d", data/ncftp-3.2.5/ncftp/progress.c:442:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(spec3, "%%%ds %%I64d bytes. %s%%3d:%%02d", data/ncftp-3.2.5/ncftp/progress.c:447:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(spec3, "%%%ds %%ld bytes. %s%%3d:%%02d", data/ncftp-3.2.5/ncftp/progress.c:464:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, spec1, perc); data/ncftp-3.2.5/ncftp/progress.c:466:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, spec3, data/ncftp-3.2.5/ncftp/readln.c:130:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. 
if (access(ncftpbookmarks, X_OK) < 0) data/ncftp-3.2.5/ncftp/readln.c:136:9: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. infp = popen(ncftpbookmarks, "r"); [Reviewer note: the access() snippet just before this hit (readln.c:130) and this popen() at line 136 form a check-then-use pair on the same path. The access() answer can be out of date by the time popen() runs, so it is only a hint. popen() also passes the string to the shell, so how `ncftpbookmarks` is built (not shown in this report) decides how serious this is. Starting the helper with an exec-family call, an explicit argument vector and a pipe avoids both the shell and the reliance on the pre-check.] data/ncftp-3.2.5/ncftp/readln.c:389:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). (void) strcpy(cp + textdirlen + 1, diritemp->relname); data/ncftp-3.2.5/ncftp/readln.c:765:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) vsnprintf(buf, sizeof(buf) - 1, fmt, ap); data/ncftp-3.2.5/ncftp/readln.c:768:11: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. (void) vsprintf(buf, fmt, ap); data/ncftp-3.2.5/ncftp/readln.h:24:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 1, 2))) data/ncftp-3.2.5/ncftp/spool.c:81:17: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. gHaveSpool = (access(ncftpbatch, X_OK) == 0) ? 1 : 0; data/ncftp-3.2.5/ncftp/spool.c:86:18: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!).
Set up the correct permissions (e.g., using setuid()) and try to open the file directly. gHaveSpool = (access("/usr/bin/ncftpbatch", X_OK) == 0) ? 1 : 0; data/ncftp-3.2.5/ncftp/spool.c:88:18: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. gHaveSpool = (system("ncftpbatch -X") == 0) ? 1 : 0; data/ncftp-3.2.5/ncftp/spool.c:144:10: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execv(ncftpbatch, argv); data/ncftp-3.2.5/ncftp/spool.c:147:10: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execvp(argv[0], argv); data/ncftp-3.2.5/ncftp/spool.c:215:10: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execv(ncftpbatch, argv); data/ncftp-3.2.5/ncftp/spool.c:218:10: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execvp(argv[0], argv); data/ncftp-3.2.5/ncftp/spoolutil.c:65:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(sp, "%c-%s-%08X-%d", data/ncftp-3.2.5/ncftp/spoolutil.c:73:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) snprintf(sp, size - 1, data/ncftp-3.2.5/ncftp/spoolutil.c:75:9: [4] (format) sprintf: Potential format string problem (CWE-134). 
Make format string constant. (void) sprintf(sp, data/ncftp-3.2.5/ncftp/spoolutil.c:339:18: [4] (shell) WinExec: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. winExecResult = WinExec(prog, SW_SHOWNORMAL); data/ncftp-3.2.5/ncftp/spoolutil.c:377:10: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execv(ncftpbatch, argv); data/ncftp-3.2.5/ncftp/spoolutil.c:380:10: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execvp(argv[0], argv); data/ncftp-3.2.5/ncftp/syshdrs.h:96:11: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. # define popen _popen data/ncftp-3.2.5/ncftp/syshdrs.h:104:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # ifndef vsnprintf data/ncftp-3.2.5/ncftp/syshdrs.h:105:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define vsnprintf _vsnprintf data/ncftp-3.2.5/ncftp/syshdrs.h:107:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
# ifndef snprintf data/ncftp-3.2.5/ncftp/syshdrs.h:108:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define snprintf _snprintf data/ncftp-3.2.5/ncftp/syshdrs.h:108:20: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define snprintf _snprintf [Reviewer note: both hits on ncftp/syshdrs.h line 108 are on a `# define`, not a call, so the format-string warning does not apply to that line as such. The mapping itself is the point to review: Microsoft's `_snprintf` does not write a terminating NUL when the output fills the buffer, so every caller that goes through this macro must terminate the buffer itself.] data/ncftp-3.2.5/ncftp/trace.c:46:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) vsnprintf(buf, sizeof(buf) - 1, fmt, ap); data/ncftp-3.2.5/ncftp/trace.c:49:10: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. (void) vsprintf(buf, fmt, ap); data/ncftp-3.2.5/ncftp/trace.h:17:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 2, 3))) data/ncftp-3.2.5/sh_util/gpshare.c:115:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-32s %10lld bytes %6.2f %s/s", data/ncftp-3.2.5/sh_util/gpshare.c:122:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-32s %10qd bytes %6.2f %s/s", data/ncftp-3.2.5/sh_util/gpshare.c:129:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
(void) sprintf(line, "%-32s %10I64d bytes %6.2f %s/s", data/ncftp-3.2.5/sh_util/gpshare.c:136:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-32s %10ld bytes %6.2f %s/s", data/ncftp-3.2.5/sh_util/gpshare.c:236:11: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-32s ETA: %3d:%02d %6.2f/%6.2f %-2.2s %6.2f %.2s/s %.1s", data/ncftp-3.2.5/sh_util/gpshare.c:265:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-53s %6.2f %-2.2s %6.2f %.2s/s ", data/ncftp-3.2.5/sh_util/gpshare.c:280:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. (void) sprintf(line, "%-46s %6.2f/%6.2f %-2.2s %6.2f %.2s/s ", data/ncftp-3.2.5/sh_util/gpshare.c:522:8: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. fp = popen(cp, "w"); data/ncftp-3.2.5/sh_util/ncftpbatch.c:125:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 1, 2))) data/ncftp-3.2.5/sh_util/ncftpbatch.c:138:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 2, 3))) data/ncftp-3.2.5/sh_util/ncftpbatch.c:144:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
__attribute__ ((format (printf, 1, 2))) data/ncftp-3.2.5/sh_util/ncftpbatch.c:150:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 2, 3))) data/ncftp-3.2.5/sh_util/ncftpbatch.c:190:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, ap); data/ncftp-3.2.5/sh_util/ncftpbatch.c:237:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) fprintf(gLogFile, data/ncftp-3.2.5/sh_util/ncftpbatch.c:247:10: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) vfprintf(gLogFile, fmt, ap); data/ncftp-3.2.5/sh_util/ncftpbatch.c:252:10: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) vfprintf(stdout, fmt, ap); data/ncftp-3.2.5/sh_util/ncftpbatch.c:260:10: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. (void) vsprintf(gStatusText, fmt, ap); data/ncftp-3.2.5/sh_util/ncftpbatch.c:287:10: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) fprintf(gLogFile, data/ncftp-3.2.5/sh_util/ncftpbatch.c:297:10: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. (void) vfprintf(gLogFile, fmt, ap); data/ncftp-3.2.5/sh_util/ncftpbatch.c:307:10: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). 
Use a constant for the format specification. (void) vfprintf(stdout, fmt, ap); data/ncftp-3.2.5/sh_util/ncftpbatch.c:903:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(cmd, X_OK) < 0) { data/ncftp-3.2.5/sh_util/ncftpbatch.c:933:10: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execv(cmd, argv); data/ncftp-3.2.5/sh_util/ncftpbatch.c:971:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) vsnprintf(buf + 8, sizeof(buf) - 8, fmt, ap); data/ncftp-3.2.5/sh_util/ncftpbatch.c:973:9: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. (void) vsprintf(buf + 8, fmt, ap); data/ncftp-3.2.5/sh_util/ncftpbatch.c:1127:38: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. } else if ((gOperation == 'G') && (access(gLDir, W_OK) < 0)) { data/ncftp-3.2.5/sh_util/ncftpbatch.c:1963:4: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
sprintf(str, PRINTF_LONG_LONG " bytes", (gConn.startPoint + gConn.bytesTransferred)); data/ncftp-3.2.5/sh_util/ncftpbatch.c:1965:4: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, PRINTF_LONG_LONG " of " PRINTF_LONG_LONG " bytes", data/ncftp-3.2.5/sh_util/ncftpbatch.c:1990:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%.1f %s/sec", rate, rStr); data/ncftp-3.2.5/sh_util/syshdrs.h:102:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # ifndef vsnprintf data/ncftp-3.2.5/sh_util/syshdrs.h:103:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define vsnprintf _vsnprintf data/ncftp-3.2.5/sh_util/syshdrs.h:105:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # ifndef snprintf data/ncftp-3.2.5/sh_util/syshdrs.h:106:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define snprintf _snprintf data/ncftp-3.2.5/sh_util/syshdrs.h:106:20: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
# define snprintf _snprintf data/ncftp-3.2.5/sio/StrAddr.c:170:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(dst, dsize, data/ncftp-3.2.5/sio/StrAddr.c:172:2: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(dst, data/ncftp-3.2.5/vis/bmed.c:177:4: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, spec, rsip->bookmarkName, rsip->name); data/ncftp-3.2.5/vis/bmed.c:486:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dst, str); data/ncftp-3.2.5/vis/bmed.c:569:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(spec, " %%-26s%%-%ds", data/ncftp-3.2.5/vis/bmed.c:1126:9: [4] (shell) execv: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execv(NCFTPPATH, av); data/ncftp-3.2.5/vis/bmed.c:1128:9: [4] (shell) execvp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. (void) execvp(av[0], av); data/ncftp-3.2.5/vis/wutil.c:378:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. (void) snprintf( data/ncftp-3.2.5/vis/wutil.c:382:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
(void) sprintf( data/ncftp-3.2.5/win/bmed/bmed.cpp:155:20: [4] (shell) WinExec: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. winExecResult = WinExec(path, SW_SHOWNORMAL); data/ncftp-3.2.5/win/bmed/syshdrs.h:60:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # ifndef vsnprintf data/ncftp-3.2.5/win/bmed/syshdrs.h:61:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define vsnprintf _vsnprintf data/ncftp-3.2.5/win/bmed/syshdrs.h:63:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # ifndef snprintf data/ncftp-3.2.5/win/bmed/syshdrs.h:64:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define snprintf _snprintf data/ncftp-3.2.5/win/bmed/syshdrs.h:64:20: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. # define snprintf _snprintf data/ncftp-3.2.5/win/bmed/util.c:559:6: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). 
Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(newdir, F_OK) == 0) { data/ncftp-3.2.5/win/bmed/util.c:626:8: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. rc = access(s, F_OK); data/ncftp-3.2.5/libncftp/syshdrs.h:204:17: [3] (buffer) getwd: This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead. extern char *getwd(char *); data/ncftp-3.2.5/libncftp/u_getcwd.c:53:6: [3] (buffer) getwd: This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead. if (getwd(dp) == NULL) { data/ncftp-3.2.5/libncftp/u_getcwd.c:66:7: [3] (buffer) getwd: This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead. if (getwd(wdbuf) == NULL) { data/ncftp-3.2.5/libncftp/u_getcwd.c:73:7: [3] (buffer) getwd: This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead. if (getwd(buf) == NULL) { data/ncftp-3.2.5/libncftp/u_gethome.c:24:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. homepath = getenv("USERPROFILE"); /* Windows XP */ data/ncftp-3.2.5/libncftp/u_gethome.c:30:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). 
Check environment variables carefully before using them. homedrive = getenv("HOMEDRIVE"); data/ncftp-3.2.5/libncftp/u_gethome.c:31:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. homepath = getenv("HOMEPATH"); data/ncftp-3.2.5/libncftp/u_gethome.c:75:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. tdir = getenv(envvars[i]); data/ncftp-3.2.5/libncftp/u_getpw.c:140:16: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = (char *) getenv("LOGNAME"); data/ncftp-3.2.5/libncftp/u_getpw.c:142:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = (char *) getenv("USER"); data/ncftp-3.2.5/ncftp/cmds.c:856:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envEDITOR = getenv("EDITOR"); data/ncftp-3.2.5/ncftp/cmds.c:1423:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. 
They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((cp = (char *) getenv("COLUMNS")) == NULL) data/ncftp-3.2.5/ncftp/gl_getline.c:583:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = (const char *) getenv("COLUMNS"); data/ncftp-3.2.5/ncftp/gl_getline.c:589:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = (const char *) getenv("ROWS"); data/ncftp-3.2.5/ncftp/gl_getline.c:745:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = (char *) getenv("EDITOR"); data/ncftp-3.2.5/ncftp/gl_getline.c:2215:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. homepath = getenv("USERPROFILE"); data/ncftp-3.2.5/ncftp/gl_getline.c:2224:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
homedrive = getenv("HOMEDRIVE"); data/ncftp-3.2.5/ncftp/gl_getline.c:2225:14: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. homepath = getenv("HOMEPATH"); data/ncftp-3.2.5/ncftp/gl_getline.c:2247:18: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = (char *) getenv("LOGNAME"); data/ncftp-3.2.5/ncftp/gl_getline.c:2249:19: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = (char *) getenv("USER"); data/ncftp-3.2.5/ncftp/main.c:295:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((unsigned int) (GetTickCount() & 0x7FFF)); data/ncftp-3.2.5/ncftp/main.c:297:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((unsigned int) getpid()); data/ncftp-3.2.5/ncftp/pref.c:640:9: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
tok1 = getenv("PAGER"); data/ncftp-3.2.5/ncftp/readln.c:83:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((cp = (char *) getenv("COLUMNS")) == NULL) { data/ncftp-3.2.5/ncftp/readln.c:179:15: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((gTerm = getenv("TERM")) == NULL) { data/ncftp-3.2.5/ncftp/syshdrs.h:206:17: [3] (buffer) getwd: This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead. extern char *getwd(char *); data/ncftp-3.2.5/ncftp/trace.c:153:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. term_cp = (const char *) getenv("TERM"); data/ncftp-3.2.5/ncftp/util.c:379:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((cp = getenv("NCFTPDIR")) != NULL) { data/ncftp-3.2.5/ncftp/util.c:386:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
} else if ((cp = getenv("USERPROFILE")) != NULL) { data/ncftp-3.2.5/ncftp/util.c:419:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = getenv("NCFTPDIR"); data/ncftp-3.2.5/ncftp/util.c:477:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envp = getenv("LOGNAME"); data/ncftp-3.2.5/ncftp/util.c:486:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envp = getenv("HOME"); data/ncftp-3.2.5/ncftp/util.c:492:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envp = getenv("SHELL"); data/ncftp-3.2.5/sh_util/gpshare.c:515:22: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = (const char *) getenv("PAGER"); data/ncftp-3.2.5/sh_util/ncftpbatch.c:520:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
srand((unsigned int) getpid()); data/ncftp-3.2.5/sh_util/ncftpbatch.c:533:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = getenv("NCFTPBATCH_PROGRESS_LOG"); data/ncftp-3.2.5/sh_util/syshdrs.h:195:17: [3] (buffer) getwd: This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead. extern char *getwd(char *); data/ncftp-3.2.5/win/bmed/util.c:276:13: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if ((cp = getenv("NCFTPDIR")) != NULL) { data/ncftp-3.2.5/win/bmed/util.c:283:20: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. } else if ((cp = getenv("USERPROFILE")) != NULL) { data/ncftp-3.2.5/win/bmed/util.c:314:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. cp = getenv("NCFTPDIR"); data/ncftp-3.2.5/win/bmed/util.c:372:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. 
envp = getenv("LOGNAME"); data/ncftp-3.2.5/win/bmed/util.c:381:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envp = getenv("HOME"); data/ncftp-3.2.5/win/bmed/util.c:386:10: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. envp = getenv("SHELL"); data/ncftp-3.2.5/Strn/DStrCat.c:39:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp + curLen, src, --srcLen); data/ncftp-3.2.5/Strn/DStrCatList.c:74:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dcp, src, srcLen); data/ncftp-3.2.5/Strn/DStrCpy.c:40:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp, src, srcLen); data/ncftp-3.2.5/Strn/DStrCpyList.c:72:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dcp, src, srcLen); data/ncftp-3.2.5/Strn/Dynscat.c:59:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dcp, src, srcLen); data/ncftp-3.2.5/Strn/Dynscpy.c:67:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(dcp, src, srcLen); data/ncftp-3.2.5/Strn/Dynsrecpy.c:85:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dcp, src, srcLen); data/ncftp-3.2.5/Strn/Dynsrecpy.c:101:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dcp, src, srcLen); data/ncftp-3.2.5/Strn/StrFree.c:17:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(dst, src, len); data/ncftp-3.2.5/Strn/Strntok.c:133:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/ncftp-3.2.5/Strn/Strntok.c:136:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[8]; data/ncftp-3.2.5/Strn/strtokc.c:193:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/ncftp-3.2.5/Strn/strtokc.c:196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char token[8]; data/ncftp-3.2.5/autoconf_local/acconfig.h:465:8: [2] (race) vfork: On some old systems, vfork() permits race conditions, and it's very difficult to use correctly (CWE-362). Use fork() instead. #undef vfork data/ncftp-3.2.5/libncftp/c_exists.c:24:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char savedCwd[512]; data/ncftp-3.2.5/libncftp/c_exists.c:224:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char savedCwd[512]; data/ncftp-3.2.5/libncftp/c_mkdir.c:18:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[512]; data/ncftp-3.2.5/libncftp/c_mkdir.c:19:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir2[512]; data/ncftp-3.2.5/libncftp/c_mkdir.c:195:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char newDir[512];
data/ncftp-3.2.5/libncftp/c_mlist1.c:17:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char optstr[128];
data/ncftp-3.2.5/libncftp/c_utime.c:18:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[64];
data/ncftp-3.2.5/libncftp/c_utime.c:28:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(buf, "%04d%02d%02d%02d%02d%02d",
[Reviewer note: `%04d` and `%02d` set minimum field widths, not maximums, so the "constant maximum length" holds only while every integer argument stays in calendar range. The arguments are on lines outside this context, and `buf` is presumably the 64-byte array reported at c_utime.c:18.]
data/ncftp-3.2.5/libncftp/c_utime.c:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mstr[64], astr[64], cstr[64];
data/ncftp-3.2.5/libncftp/errno.c:13:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *gErrList[kErrLast - kErrFirst + 2] = {
[Reviewer note: `gErrList` is an initialised array of `const char *` pointers whose length is a constant expression, not a character buffer that is written into. This hit looks like a pattern match on `char` and is likely a false positive. What remains to check is that lookups into the table are bounded by the same kErrFirst/kErrLast range.]
data/ncftp-3.2.5/libncftp/ftp.c:329:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
(void) memcpy(&cip->servCtlAddr.sin_addr, *curaddr, (size_t) hp.h_length); data/ncftp-3.2.5/libncftp/ftp.c:787:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char n[6]; data/ncftp-3.2.5/libncftp/ftp.c:845:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(&saddr->sin_addr, &n[0], (size_t) 4); data/ncftp-3.2.5/libncftp/ftp.c:846:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(&saddr->sin_port, &n[4], (size_t) 2); data/ncftp-3.2.5/libncftp/ftp.c:861:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char maybePrivateAddrStr[64]; data/ncftp-3.2.5/libncftp/ftp.c:862:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char knownNonPrivateAddrToUseIfNeededStr[64]; data/ncftp-3.2.5/libncftp/ftp.c:892:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char servDataAddrStr[64]; data/ncftp-3.2.5/libncftp/ftp.c:893:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newDataAddrStr[64]; data/ncftp-3.2.5/libncftp/ftp.c:910:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ourDataAddrStr[64]; data/ncftp-3.2.5/libncftp/ftp.c:911:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newDataAddrStr[64]; data/ncftp-3.2.5/libncftp/ftp.c:1216:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ctrlAddrStr[64], dataAddrStr[64]; data/ncftp-3.2.5/libncftp/ftp.c:1295:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char msg[4]; data/ncftp-3.2.5/libncftp/ftw.c:23:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[1]; data/ncftp-3.2.5/libncftp/ftw.c:48:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dirpath, path, len + 1); data/ncftp-3.2.5/libncftp/ftw.c:53:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dirpath + len, "\\*.*", (size_t) 5); data/ncftp-3.2.5/libncftp/ftw.c:110:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dp, p, sz); data/ncftp-3.2.5/libncftp/ftw.c:133:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dp, p, ((sz < sizeof(struct dirent)) ? sz : sizeof(struct dirent))); data/ncftp-3.2.5/libncftp/ftw.c:135:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dp, p, sz); data/ncftp-3.2.5/libncftp/ftw.c:237:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(filename, cp, fnLen); data/ncftp-3.2.5/libncftp/ftw.c:268:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sdp->name, cp, fnLen); data/ncftp-3.2.5/libncftp/ftw.c:289:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(filename, sdp->name, fnLen); data/ncftp-3.2.5/libncftp/ftw.c:364:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(ftwip->curPath, path, len + 1); data/ncftp-3.2.5/libncftp/io_get.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outbuf[512]; data/ncftp-3.2.5/libncftp/io_gettar.c:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[8]; data/ncftp-3.2.5/libncftp/io_gettar.c:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char savedCwd[512]; data/ncftp-3.2.5/libncftp/io_list.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[512]; data/ncftp-3.2.5/libncftp/io_list.c:42:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char secondaryBuf[768]; data/ncftp-3.2.5/libncftp/io_listmem.c:37:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char secondaryBuf[768]; data/ncftp-3.2.5/libncftp/io_listmem.c:38:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[512]; data/ncftp-3.2.5/libncftp/io_listmem.c:39:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lsflags1[128]; data/ncftp-3.2.5/libncftp/io_put.c:159:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dstfile2[512]; data/ncftp-3.2.5/libncftp/io_put.c:162:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inbuf[256], crlf[4]; data/ncftp-3.2.5/libncftp/io_put.c:395:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmdStr, cmd, 4 + 1 /* space */ + 1 /* nul byte */); data/ncftp-3.2.5/libncftp/io_putfiles.c:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dstdir2[512]; data/ncftp-3.2.5/libncftp/lglob.c:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pat[512]; data/ncftp-3.2.5/libncftp/lglob.c:25:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pwbuf[256]; data/ncftp-3.2.5/libncftp/lglob.c:27:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hdir[512]; data/ncftp-3.2.5/libncftp/lglob.c:71:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern[_MAX_PATH]; data/ncftp-3.2.5/libncftp/lglob.c:131:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[512]; data/ncftp-3.2.5/libncftp/lglob.c:172:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern2[512]; data/ncftp-3.2.5/libncftp/linelist.c:26:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(cp, buf, len); data/ncftp-3.2.5/libncftp/linelist.c:554:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(lp, src, sizeof(FTPFileInfo)); data/ncftp-3.2.5/libncftp/ncftp.h:132:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # ifndef open data/ncftp-3.2.5/libncftp/ncftp.h:133:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define open _open data/ncftp-3.2.5/libncftp/ncftp.h:255:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char magic[16]; /* Don't modify this field. */ data/ncftp-3.2.5/libncftp/ncftp.h:259:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char defaultAnonPassword[80]; /* You may set this after init. 
*/ data/ncftp-3.2.5/libncftp/ncftp.h:272:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char magic[16]; /* Don't modify this field. */ data/ncftp-3.2.5/libncftp/ncftp.h:274:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host[128]; /* REQUIRED input parameter. */ data/ncftp-3.2.5/libncftp/ncftp.h:275:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user[128]; /* OPTIONAL input parameter. */ data/ncftp-3.2.5/libncftp/ncftp.h:276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pass[256]; /* OPTIONAL input parameter. */ data/ncftp-3.2.5/libncftp/ncftp.h:277:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char acct[64]; /* OPTIONAL input parameter. */ data/ncftp-3.2.5/libncftp/ncftp.h:282:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lastFTPCmdResultStr[128]; /* You may modify this if you want. */ data/ncftp-3.2.5/libncftp/ncftp.h:301:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char firewallHost[64]; /* OPTIONAL input parameter. */ data/ncftp-3.2.5/libncftp/ncftp.h:302:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char firewallUser[64]; /* OPTIONAL input parameter. */ data/ncftp-3.2.5/libncftp/ncftp.h:303:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char firewallPass[64]; /* OPTIONAL input parameter. */ data/ncftp-3.2.5/libncftp/ncftp.h:344:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char actualHost[64]; /* Do not modify this field. */ data/ncftp-3.2.5/libncftp/ncftp.h:345:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip[32]; /* Do not modify this field. 
*/ data/ncftp-3.2.5/libncftp/ncftp.h:421:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char textEOLN[4]; /* Set automatically per platform. */ data/ncftp-3.2.5/libncftp/ncftp.h:437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srlBuf[768]; data/ncftp-3.2.5/libncftp/ncftp.h:473:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[512]; data/ncftp-3.2.5/libncftp/ncftp.h:474:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkto[512]; data/ncftp-3.2.5/libncftp/ncftp.h:481:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char perm[16]; /* "perm" fact */ data/ncftp-3.2.5/libncftp/ncftp.h:482:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char owner[16]; /* "UNIX.owner" fact */ data/ncftp-3.2.5/libncftp/ncftp.h:483:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char group[16]; /* "UNIX.group" fact */ data/ncftp-3.2.5/libncftp/ncftp.h:739:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d_name[MAX_PATH]; data/ncftp-3.2.5/libncftp/ncftp.h:805:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rootDir[4]; data/ncftp-3.2.5/libncftp/open.c:137:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[512]; data/ncftp-3.2.5/libncftp/open.c:380:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256], *feat; data/ncftp-3.2.5/libncftp/open.c:568:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cip->ietfCompatLevel = atoi(cp + 18); data/ncftp-3.2.5/libncftp/open.c:702:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256], *cp; data/ncftp-3.2.5/libncftp/open.c:705:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("/etc/release", "r"); data/ncftp-3.2.5/libncftp/open.c:707:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("/usr/lpp/bos/aix_release.level", "r"); data/ncftp-3.2.5/libncftp/open.c:731:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char si_platform[64]; data/ncftp-3.2.5/libncftp/open.c:732:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char si_arch[32]; data/ncftp-3.2.5/libncftp/open.c:733:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char si_isalist[256]; data/ncftp-3.2.5/libncftp/open.c:754:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char etc_line[256], *etc_cp; data/ncftp-3.2.5/libncftp/open.c:773:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). etc_fp = fopen(*etc_fn, "r"); data/ncftp-3.2.5/libncftp/open.c:816:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char osx_ver[32], osx_build[32]; data/ncftp-3.2.5/libncftp/open.c:817:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256], *cp, *cp2; data/ncftp-3.2.5/libncftp/open.c:823:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen("/System/Library/CoreServices/SystemVersion.plist", "r"); data/ncftp-3.2.5/libncftp/rcmd.c:240:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rp->code = atoi(code); data/ncftp-3.2.5/libncftp/rcmd.c:572:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmdstr, "APPE ", 5); data/ncftp-3.2.5/libncftp/rcmd.c:620:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmdstr, "APPE ", 4 + 1); data/ncftp-3.2.5/libncftp/rftw.c:19:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1]; data/ncftp-3.2.5/libncftp/rftw.c:148:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(filename, cp, fnLen); data/ncftp-3.2.5/libncftp/rftw.c:249:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(sdp->name, cp, fnLen); data/ncftp-3.2.5/libncftp/rftw.c:280:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(filename, sdp->name, fnLen); data/ncftp-3.2.5/libncftp/rftw.c:386:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(ftwip->curPath, path, len + 1); data/ncftp-3.2.5/libncftp/rglobr.c:122:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rcwd[512]; data/ncftp-3.2.5/libncftp/rglobr.c:183:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rcwd[512]; data/ncftp-3.2.5/libncftp/rglobr.c:268:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rcwd[512]; data/ncftp-3.2.5/libncftp/syshdrs.h:66:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # ifndef open data/ncftp-3.2.5/libncftp/syshdrs.h:67:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define open _open data/ncftp-3.2.5/libncftp/syshdrs.h:246:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
# define Open open data/ncftp-3.2.5/libncftp/u_decodehost.c:16:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hstr[256]; data/ncftp-3.2.5/libncftp/u_decodehost.c:50:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(cp, FOPEN_READ_TEXT); data/ncftp-3.2.5/libncftp/u_decodehost.c:80:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = atoi(cp); data/ncftp-3.2.5/libncftp/u_decodehost.c:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/ncftp-3.2.5/libncftp/u_decodehost.c:101:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(fn, FOPEN_READ_TEXT); data/ncftp-3.2.5/libncftp/u_decodeurl.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char h[4]; data/ncftp-3.2.5/libncftp/u_decodeurl.c:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char portstr[32]; data/ncftp-3.2.5/libncftp/u_decodeurl.c:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subdir[128]; data/ncftp-3.2.5/libncftp/u_decodeurl.c:166:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = atoi(portstr); data/ncftp-3.2.5/libncftp/u_error.c:22:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/ncftp-3.2.5/libncftp/u_error.c:26:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errnostr[16]; data/ncftp-3.2.5/libncftp/u_error.c:78:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(errnostr, " (errno = %d)", errnum); [Triage note: the format string is constant, but the %d expansion is not. The literal text takes 11 bytes plus the terminator, so if this is the 16-byte errnostr reported at u_error.c:26, only four characters remain for errnum. Confirm that errnum is always a small non-negative errno value, or bound the write with snprintf(errnostr, sizeof(errnostr), ...).] data/ncftp-3.2.5/libncftp/u_feat.c:47:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). result = atoi(s - 1); data/ncftp-3.2.5/libncftp/u_feat.c:106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tokbuf[256]; data/ncftp-3.2.5/libncftp/u_fileextn.c:21:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extnPattern[16]; data/ncftp-3.2.5/libncftp/u_getcwd.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wdbuf[MAXPATHLEN + 16]; data/ncftp-3.2.5/libncftp/u_gethome.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pwbuf[256]; data/ncftp-3.2.5/libncftp/u_getopt.c:73:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. opt->arg = (char *) nargv[opt->ind]; [Triage note: the quoted line is a pointer cast and assignment, not an array declaration. The "char" rule appears to have matched the cast followed by the bracketed index, so this finding looks like a false positive for CWE-119/CWE-120.] data/ncftp-3.2.5/libncftp/u_getpw.c:68:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pwp, p, sizeof(struct passwd)); data/ncftp-3.2.5/libncftp/u_getpw.c:112:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pwp, p, sizeof(struct passwd)); data/ncftp-3.2.5/libncftp/u_getpw.c:134:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logname[128]; data/ncftp-3.2.5/libncftp/u_getusr.c:27:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pwbuf[256]; data/ncftp-3.2.5/libncftp/u_gmtime.c:35:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tp, tmp, sizeof(struct tm)); data/ncftp-3.2.5/libncftp/u_localtime.c:35:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tp, tmp, sizeof(struct tm)); data/ncftp-3.2.5/libncftp/u_miscdebug.c:16:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ltstr[64]; data/ncftp-3.2.5/libncftp/u_miscdebug.c:17:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gtstr[64]; data/ncftp-3.2.5/libncftp/u_mkdirs.c:18:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[512]; data/ncftp-3.2.5/libncftp/u_pathcat.c:86:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d, src, n); data/ncftp-3.2.5/libncftp/u_pathcat.c:241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[512]; data/ncftp-3.2.5/libncftp/u_printf.c:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/ncftp-3.2.5/libncftp/u_printf.c:21:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tbuf[40]; data/ncftp-3.2.5/libncftp/u_printf.c:48:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, tbuf, tbuflen + 1); data/ncftp-3.2.5/libncftp/u_unmdtm.c:26:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char y2fix[64]; data/ncftp-3.2.5/libncftp/unls.c:18:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *rwx[9] = { "---", "--x", "-w-", "-wx", "r--", "r-x", "rw-", "rwx", NULL }; [Triage note: rwx is an array of nine const char pointers initialised with string literals, not a character buffer that data is copied into, so the buffer-size guidance does not apply to this declaration as written. The point to check instead is that every index used on rwx stays within 0-8.] data/ncftp-3.2.5/libncftp/unls.c:136:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ftm.tm_mon = atoi(cp + 0); [Triage note: for this and the following struct tm field conversions, atoi reports no parse error and its behaviour is undefined when the value does not fit in int. strtol with an end-pointer check, followed by an explicit range test for each field before it is stored, gives a result that can be validated.] data/ncftp-3.2.5/libncftp/unls.c:140:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ftm.tm_mday = atoi(cp + 3); data/ncftp-3.2.5/libncftp/unls.c:144:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(cp + 6); data/ncftp-3.2.5/libncftp/unls.c:152:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(cp + 6); data/ncftp-3.2.5/libncftp/unls.c:168:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hour = atoi(cp); data/ncftp-3.2.5/libncftp/unls.c:175:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ftm.tm_min = atoi(cp + 3); data/ncftp-3.2.5/libncftp/unls.c:359:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(daystart); data/ncftp-3.2.5/libncftp/unls.c:363:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
year = atoi(yearstart); data/ncftp-3.2.5/libncftp/unls.c:392:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(daystart); data/ncftp-3.2.5/libncftp/unls.c:393:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hr = atoi(hrstart); data/ncftp-3.2.5/libncftp/unls.c:394:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = atoi(minstart); data/ncftp-3.2.5/libncftp/unls.c:461:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sec = atoi(secstart); data/ncftp-3.2.5/libncftp/unls.c:468:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mon = atoi(monstart) - 1; data/ncftp-3.2.5/libncftp/unls.c:469:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(daystart); data/ncftp-3.2.5/libncftp/unls.c:470:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hr = atoi(hrstart); data/ncftp-3.2.5/libncftp/unls.c:471:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = atoi(minstart); data/ncftp-3.2.5/libncftp/unls.c:472:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(yearstart); data/ncftp-3.2.5/libncftp/unls.c:578:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char curdir[512]; data/ncftp-3.2.5/libncftp/unls.c:579:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char line[512]; data/ncftp-3.2.5/libncftp/unls.c:582:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[256]; data/ncftp-3.2.5/libncftp/unls.c:583:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linkto[256]; data/ncftp-3.2.5/libncftp/unls.c:696:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(fi.plug, line, (size_t) plugend); data/ncftp-3.2.5/libncftp/unls.c:704:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(fi.plug, "---------- 1 ftpuser ftpusers"); data/ncftp-3.2.5/libncftp/unls.c:714:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(curdir, line + 2, (size_t) len + 1 - 2); data/ncftp-3.2.5/libncftp/unls.c:718:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(curdir, line + 2, (size_t) len + 1 - 2); data/ncftp-3.2.5/libncftp/unls.c:722:12: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
(void) memcpy(curdir, line, (size_t) len + 1); data/ncftp-3.2.5/libncftp/unls.c:771:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024]; data/ncftp-3.2.5/libncftp/unls.c:786:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(line, line0, len + 1); data/ncftp-3.2.5/libncftp/unls.c:873:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mlip->uid = atoi(val); data/ncftp-3.2.5/libncftp/unls.c:875:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mlip->gid = atoi(val); data/ncftp-3.2.5/libncftp/unls.c:890:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mlip->fname, cp, len); data/ncftp-3.2.5/libncftp/unls.c:904:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char plug[64]; data/ncftp-3.2.5/libncftp/unls.c:905:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char og[32]; data/ncftp-3.2.5/libncftp/util.h:11:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char string[160], str16[16], str32[32], str64[64]; data/ncftp-3.2.5/libncftp/util.h:12:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char longstring[512]; data/ncftp-3.2.5/libncftp/util.h:13:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char pathname[512]; data/ncftp-3.2.5/libncftp/util2.cpp:24:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH + 1]; data/ncftp-3.2.5/ncftp/bookmark.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pbuf[32]; data/ncftp-3.2.5/ncftp/bookmark.c:58:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(pbuf, ":%u", (unsigned int) bmp->port); data/ncftp-3.2.5/ncftp/bookmark.c:140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[128]; data/ncftp-3.2.5/ncftp/bookmark.c:141:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pass[128]; data/ncftp-3.2.5/ncftp/bookmark.c:205:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bmp->port = (unsigned int) atoi(token); data/ncftp-3.2.5/ncftp/bookmark.c:211:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 10: bmp->hasSIZE = atoi(token); break; data/ncftp-3.2.5/ncftp/bookmark.c:212:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 11: bmp->hasMDTM = atoi(token); break; data/ncftp-3.2.5/ncftp/bookmark.c:213:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 12: bmp->hasPASV = atoi(token); break; data/ncftp-3.2.5/ncftp/bookmark.c:214:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 13: bmp->isUnix = atoi(token); data/ncftp-3.2.5/ncftp/bookmark.c:227:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 21: bmp->hasUTIME = atoi(token); data/ncftp-3.2.5/ncftp/bookmark.c:264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[512]; data/ncftp-3.2.5/ncftp/bookmark.c:282:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName[256], path2[256]; data/ncftp-3.2.5/ncftp/bookmark.c:283:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/ncftp-3.2.5/ncftp/bookmark.c:292:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(pathName, FOPEN_READ_TEXT); data/ncftp-3.2.5/ncftp/bookmark.c:298:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(pathName, FOPEN_READ_TEXT); data/ncftp-3.2.5/ncftp/bookmark.c:327:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(line, ".v%d", version); data/ncftp-3.2.5/ncftp/bookmark.c:370:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(pathName, FOPEN_READ_TEXT); data/ncftp-3.2.5/ncftp/bookmark.c:398:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[512]; data/ncftp-3.2.5/ncftp/bookmark.c:410:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bmabbrtrunc[sizeof(bmp->bookmarkName)]; data/ncftp-3.2.5/ncftp/bookmark.c:596:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(dst, "$%02x", c); data/ncftp-3.2.5/ncftp/bookmark.c:617:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tok[256]; data/ncftp-3.2.5/ncftp/bookmark.c:618:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pass[160]; data/ncftp-3.2.5/ncftp/bookmark.c:624:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(pass, kPasswordMagic, kPasswordMagicLen); data/ncftp-3.2.5/ncftp/bookmark.c:658:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pidStr[32]; data/ncftp-3.2.5/ncftp/bookmark.c:659:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName[256], path2[256]; data/ncftp-3.2.5/ncftp/bookmark.c:666:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(pidStr, "-%u.txt", (unsigned int) getpid()); data/ncftp-3.2.5/ncftp/bookmark.c:686:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidStr[32]; data/ncftp-3.2.5/ncftp/bookmark.c:687:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName[256], path2[256]; data/ncftp-3.2.5/ncftp/bookmark.c:694:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(pidStr, "-%u.txt", (unsigned int) getpid()); data/ncftp-3.2.5/ncftp/bookmark.c:697:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
outfp = fopen(pathName, FOPEN_WRITE_TEXT); data/ncftp-3.2.5/ncftp/bookmark.c:771:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/ncftp-3.2.5/ncftp/bookmark.c:772:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bmAbbr[64]; data/ncftp-3.2.5/ncftp/bookmark.c:839:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]; data/ncftp-3.2.5/ncftp/bookmark.h:10:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bookmarkName[16]; data/ncftp-3.2.5/ncftp/bookmark.h:11:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/ncftp-3.2.5/ncftp/bookmark.h:12:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char user[64]; data/ncftp-3.2.5/ncftp/bookmark.h:13:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pass[64]; data/ncftp-3.2.5/ncftp/bookmark.h:14:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char acct[64]; data/ncftp-3.2.5/ncftp/bookmark.h:15:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[160]; data/ncftp-3.2.5/ncftp/bookmark.h:16:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ldir[160]; data/ncftp-3.2.5/ncftp/bookmark.h:24:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lastIP[32]; data/ncftp-3.2.5/ncftp/bookmark.h:25:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char comment[128]; data/ncftp-3.2.5/ncftp/cmds.c:30:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gStartDir[512]; data/ncftp-3.2.5/ncftp/cmds.c:35:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gRemoteCWD[512]; data/ncftp-3.2.5/ncftp/cmds.c:40:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gPrevRemoteCWD[512]; data/ncftp-3.2.5/ncftp/cmds.c:43:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gScratchCWD[512]; data/ncftp-3.2.5/ncftp/cmds.c:86:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gFirewallHost[64]; data/ncftp-3.2.5/ncftp/cmds.c:87:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
extern char gFirewallUser[32]; data/ncftp-3.2.5/ncftp/cmds.c:88:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gFirewallPass[32]; data/ncftp-3.2.5/ncftp/cmds.c:96:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gLocalCWD[512], gPrevLocalCWD[512]; data/ncftp-3.2.5/ncftp/cmds.c:98:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gOurHostName[64]; data/ncftp-3.2.5/ncftp/cmds.c:168:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dfltname[64]; data/ncftp-3.2.5/ncftp/cmds.c:169:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bmname[64]; data/ncftp-3.2.5/ncftp/cmds.c:195:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char dir[160]; data/ncftp-3.2.5/ncftp/cmds.c:226:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ans[128], buf[512]; data/ncftp-3.2.5/ncftp/cmds.c:270:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[160]; data/ncftp-3.2.5/ncftp/cmds.c:344:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/ncftp-3.2.5/ncftp/cmds.c:709:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). SetDebug(atoi(argv[1])); data/ncftp-3.2.5/ncftp/cmds.c:800:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tname[260]; data/ncftp-3.2.5/ncftp/cmds.c:809:12: [2] (tmpfile) mkstemp: Potential for temporary file vulnerability in some circumstances. Some older Unix-like systems create temp files with permission to write by all by default, so be sure to set the umask to override this. 
Also, some older Unix systems might fail to use O_EXCL when opening the file, so make sure that O_EXCL is used by the library (CWE-377). if ((fd = mkstemp(tname)) < 0) data/ncftp-3.2.5/ncftp/cmds.c:845:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdbuf[2048]; data/ncftp-3.2.5/ncftp/cmds.c:846:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char modstr[80]; data/ncftp-3.2.5/ncftp/cmds.c:917:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(llp->line, "w")) == NULL) { data/ncftp-3.2.5/ncftp/cmds.c:951:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(modstr, "%u %lu" , (unsigned int) st.st_mtime, (unsigned long) st.st_size); data/ncftp-3.2.5/ncftp/cmds.c:1016:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(modstr, "%u %lu", (unsigned int) st.st_mtime, (unsigned long) st.st_size); data/ncftp-3.2.5/ncftp/cmds.c:1065:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstr[80], ans[32]; data/ncftp-3.2.5/ncftp/cmds.c:1066:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char newname[128]; /* arrggh... static. */ data/ncftp-3.2.5/ncftp/cmds.c:1263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern[256]; data/ncftp-3.2.5/ncftp/cmds.c:1378:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cp, spec[16]; data/ncftp-3.2.5/ncftp/cmds.c:1379:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *cmdnames[80]; data/ncftp-3.2.5/ncftp/cmds.c:1426:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). screenColumns = atoi(cp); data/ncftp-3.2.5/ncftp/cmds.c:1440:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. (void) sprintf(spec, "%%-%ds", data/ncftp-3.2.5/ncftp/cmds.c:1486:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[128]; data/ncftp-3.2.5/ncftp/cmds.c:1527:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ncftpbookmarks[260]; data/ncftp-3.2.5/ncftp/cmds.c:1531:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[kNcFTPBookmarksMailslotMsgSize]; data/ncftp-3.2.5/ncftp/cmds.c:1594:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ncftpbookmarks[256]; data/ncftp-3.2.5/ncftp/cmds.c:1595:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *av[8]; data/ncftp-3.2.5/ncftp/cmds.c:1598:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bmSelectionFile[256]; data/ncftp-3.2.5/ncftp/cmds.c:1599:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidStr[32]; data/ncftp-3.2.5/ncftp/cmds.c:1626:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(pidStr, ".%u", (unsigned int) getpid()); data/ncftp-3.2.5/ncftp/cmds.c:1662:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(bmSelectionFile, FOPEN_READ_TEXT); data/ncftp-3.2.5/ncftp/cmds.c:1682:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *av[3]; data/ncftp-3.2.5/ncftp/cmds.c:1683:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bm[128]; data/ncftp-3.2.5/ncftp/cmds.c:1728:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char options[32]; data/ncftp-3.2.5/ncftp/cmds.c:1729:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char option[2]; data/ncftp-3.2.5/ncftp/cmds.c:1871:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/ncftp-3.2.5/ncftp/cmds.c:1910:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char options[32]; data/ncftp-3.2.5/ncftp/cmds.c:1911:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char option[2]; data/ncftp-3.2.5/ncftp/cmds.c:1986:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char incmd[256]; data/ncftp-3.2.5/ncftp/cmds.c:1987:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/ncftp-3.2.5/ncftp/cmds.c:2062:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[256]; data/ncftp-3.2.5/ncftp/cmds.c:2248:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ipStr[16]; data/ncftp-3.2.5/ncftp/cmds.c:2422:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/ncftp-3.2.5/ncftp/cmds.c:2540:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ipstr[128]; data/ncftp-3.2.5/ncftp/cmds.c:2541:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ohost[128]; data/ncftp-3.2.5/ncftp/cmds.c:2545:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prompt[256]; data/ncftp-3.2.5/ncftp/cmds.c:2716:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/ncftp-3.2.5/ncftp/cmds.c:2717:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char urlfile[128]; data/ncftp-3.2.5/ncftp/cmds.c:2721:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prompt[256]; data/ncftp-3.2.5/ncftp/cmds.c:2842:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gConn.port = atoi(opt.arg); data/ncftp-3.2.5/ncftp/cmds.c:2865:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(opt.arg); data/ncftp-3.2.5/ncftp/cmds.c:2869:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(opt.arg); data/ncftp-3.2.5/ncftp/cmds.c:3011:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstr[80], ans[32]; data/ncftp-3.2.5/ncftp/cmds.c:3012:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char newname[128]; /* arrggh... static. */ data/ncftp-3.2.5/ncftp/cmds.c:3232:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern[256]; data/ncftp-3.2.5/ncftp/cmds.c:3330:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/ncftp-3.2.5/ncftp/cmds.c:3331:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char olddir[256]; data/ncftp-3.2.5/ncftp/cmds.c:3387:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdbuf[256]; data/ncftp-3.2.5/ncftp/cmds.c:3612:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdbuf[256]; data/ncftp-3.2.5/ncftp/cmds.c:3632:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[64]; data/ncftp-3.2.5/ncftp/cmds.c:3715:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ncftpbatch[256]; data/ncftp-3.2.5/ncftp/cmds.c:3751:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((argc < 2) || ((n = atoi(argv[1])) < 2)) { data/ncftp-3.2.5/ncftp/cmds.c:3780:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char dirsep[2]; data/ncftp-3.2.5/ncftp/cmds.c:3784:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preferredLocalAddrStr[64]; data/ncftp-3.2.5/ncftp/cmds.c:3944:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern[256]; data/ncftp-3.2.5/ncftp/cmds.c:3952:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preferredLocalAddrStr[64]; data/ncftp-3.2.5/ncftp/cmds.c:4155:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirsep[2]; data/ncftp-3.2.5/ncftp/cmds.c:4159:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errStr[128]; data/ncftp-3.2.5/ncftp/cmds.c:4160:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char preferredLocalAddrStr[64]; data/ncftp-3.2.5/ncftp/cmds.c:4313:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern[256]; data/ncftp-3.2.5/ncftp/cmds.c:4321:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preferredLocalAddrStr[64]; data/ncftp-3.2.5/ncftp/gl_getline.c:56:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # ifndef open data/ncftp-3.2.5/ncftp/gl_getline.c:57:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define open _open [Triage note: the two `open` hits above (gl_getline.c:56 and 57) are on the preprocessor lines `# ifndef open` and `# define open _open`, not on a call that opens a file, so the CWE-362 question does not apply to these two lines themselves.] data/ncftp-3.2.5/ncftp/gl_getline.c:180:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gl_buf[GL_BUF_SIZE]; /* input buffer */ data/ncftp-3.2.5/ncftp/gl_getline.c:185:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char gl_killbuf[256]; /* killed text */ data/ncftp-3.2.5/ncftp/gl_getline.c:585:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). w = atoi(cp); data/ncftp-3.2.5/ncftp/gl_getline.c:591:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). w = atoi(cp); data/ncftp-3.2.5/ncftp/gl_getline.c:633:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[256]; data/ncftp-3.2.5/ncftp/gl_getline.c:657:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen( data/ncftp-3.2.5/ncftp/gl_getline.c:726:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vi_countbuf[32]; data/ncftp-3.2.5/ncftp/gl_getline.c:779:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). vi_count = atoi(vi_countbuf); data/ncftp-3.2.5/ncftp/gl_getline.c:1284:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gl_killbuf, gl_buf + startpos, (size_t) (pos - startpos)); data/ncftp-3.2.5/ncftp/gl_getline.c:1347:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char last_prompt[80] = ""; data/ncftp-3.2.5/ncftp/gl_getline.c:1482:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *hist_buf[HIST_SIZE]; data/ncftp-3.2.5/ncftp/gl_getline.c:1483:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char hist_empty_elem[2] = ""; data/ncftp-3.2.5/ncftp/gl_getline.c:1613:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fp = fopen(path, data/ncftp-3.2.5/ncftp/gl_getline.c:1639:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/ncftp-3.2.5/ncftp/gl_getline.c:1641:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(path, data/ncftp-3.2.5/ncftp/gl_getline.c:1662:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char search_prompt[101]; /* prompt includes search string */ data/ncftp-3.2.5/ncftp/gl_getline.c:1663:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char search_string[100]; data/ncftp-3.2.5/ncftp/gl_getline.c:1832:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/ncftp-3.2.5/ncftp/gl_getline.c:1833:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[256]; data/ncftp-3.2.5/ncftp/gl_getline.c:1931:11: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(buf, " ... %d others omitted ...", (nused - nmax)); data/ncftp-3.2.5/ncftp/gl_getline.c:1962:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ellipsessave[4]; data/ncftp-3.2.5/ncftp/gl_getline.c:1974:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ellipsessave, curposp, (size_t) 4); data/ncftp-3.2.5/ncftp/gl_getline.c:1975:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(curposp, "... ", (size_t) 4); data/ncftp-3.2.5/ncftp/gl_getline.c:1977:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(curposp, ellipsessave, (size_t) 4); data/ncftp-3.2.5/ncftp/gl_getline.c:2021:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(matchpfx, cp, mlen); data/ncftp-3.2.5/ncftp/gl_getline.c:2100:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(strtoadd1, gl_matchlist[0], glen); data/ncftp-3.2.5/ncftp/gl_getline.c:2121:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(startp, strtoadd, amt); data/ncftp-3.2.5/ncftp/gl_getline.c:2202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wdir[64]; data/ncftp-3.2.5/ncftp/gl_getline.c:2264:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gl_home_dir, homedir, len); data/ncftp-3.2.5/ncftp/gl_getline.c:2388:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dirtoopen1, start, len); data/ncftp-3.2.5/ncftp/gl_getline.c:2434:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cp = (char *) realloc(gl_matchlist[0], len + len2); [Triage note: this `char` hit is on a `(char *)` cast in front of realloc(), not on a statically-sized array declaration, so the array-size advice does not fit; what matters on this line is whether `len + len2` covers the bytes later copied into `cp`, which this report does not show. The hit at gl_getline.c:2623:12 is the same pattern.] data/ncftp-3.2.5/ncftp/gl_getline.c:2439:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp, gl_home_dir, len2); data/ncftp-3.2.5/ncftp/gl_getline.c:2459:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(cp, start, (size_t) filepfxoffset); data/ncftp-3.2.5/ncftp/gl_getline.c:2460:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp + filepfxoffset, name, len + 1); data/ncftp-3.2.5/ncftp/gl_getline.c:2516:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dirtoopen1, start, len); data/ncftp-3.2.5/ncftp/gl_getline.c:2539:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dirtoopen2, dirtoopen, len + 1); data/ncftp-3.2.5/ncftp/gl_getline.c:2541:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dirtoopen2 + len, "*.*", (size_t) 4); data/ncftp-3.2.5/ncftp/gl_getline.c:2543:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dirtoopen2 + len, "\\*.*", (size_t) 5); data/ncftp-3.2.5/ncftp/gl_getline.c:2577:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp, start, filepfxoffset); data/ncftp-3.2.5/ncftp/gl_getline.c:2578:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp + filepfxoffset, name, len + 1); data/ncftp-3.2.5/ncftp/gl_getline.c:2623:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. cp = (char *) realloc(gl_matchlist[0], len + len2 + 4); data/ncftp-3.2.5/ncftp/gl_getline.c:2628:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp, gl_home_dir, len2); data/ncftp-3.2.5/ncftp/gl_getline.h:69:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gl_buf[GL_BUF_SIZE]; data/ncftp-3.2.5/ncftp/log.c:17:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gLogFileName[256]; data/ncftp-3.2.5/ncftp/log.c:38:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(gLogFileName, FOPEN_APPEND_TEXT); data/ncftp-3.2.5/ncftp/log.c:57:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(gLogFileName, FOPEN_APPEND_TEXT); data/ncftp-3.2.5/ncftp/log.c:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]; data/ncftp-3.2.5/ncftp/log.c:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char siteline[128]; data/ncftp-3.2.5/ncftp/log.c:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpLog[256]; data/ncftp-3.2.5/ncftp/log.c:90:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((oldfp = fopen(gLogFileName, FOPEN_READ_TEXT)) == NULL) data/ncftp-3.2.5/ncftp/log.c:121:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((newfp = fopen(tmpLog, FOPEN_WRITE_TEXT)) == NULL) { data/ncftp-3.2.5/ncftp/ls.c:24:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gLsMon[13][16]; data/ncftp-3.2.5/ncftp/ls.c:34:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gRemoteCWD[512]; data/ncftp-3.2.5/ncftp/ls.c:64:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(gLsMon[i], "BUG"); data/ncftp-3.2.5/ncftp/ls.c:164:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(&gLsCache[j].fil, files, sizeof(FTPFileInfoList)); data/ncftp-3.2.5/ncftp/ls.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[400]; data/ncftp-3.2.5/ncftp/ls.c:187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[400]; data/ncftp-3.2.5/ncftp/ls.c:302:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fTail[2]; data/ncftp-3.2.5/ncftp/ls.c:305:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char datestr[32]; data/ncftp-3.2.5/ncftp/ls.c:306:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sizestr[32]; data/ncftp-3.2.5/ncftp/ls.c:307:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plugspec[16]; data/ncftp-3.2.5/ncftp/ls.c:308:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plugstr[64]; data/ncftp-3.2.5/ncftp/ls.c:434:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fTail[2]; data/ncftp-3.2.5/ncftp/ls.c:480:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itempath[512]; data/ncftp-3.2.5/ncftp/ls.c:494:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char optstr[32];
data/ncftp-3.2.5/ncftp/ls.c:495:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unoptstr[32];
data/ncftp-3.2.5/ncftp/ls.c:662:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char itempath[512];
data/ncftp-3.2.5/ncftp/ls.c:670:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unoptstr[32];
data/ncftp-3.2.5/ncftp/main.c:38:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gLocalCWD[512], gPrevLocalCWD[512];
data/ncftp-3.2.5/ncftp/main.c:40:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gRemoteCWD[512], gPrevRemoteCWD[512];
data/ncftp-3.2.5/ncftp/main.c:45:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallHost[64];
data/ncftp-3.2.5/ncftp/main.c:46:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallUser[32];
data/ncftp-3.2.5/ncftp/main.c:47:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallPass[32];
data/ncftp-3.2.5/ncftp/main.c:57:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gOurHostName[64];
data/ncftp-3.2.5/ncftp/main.c:66:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[80];
data/ncftp-3.2.5/ncftp/main.c:174:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[256];
data/ncftp-3.2.5/ncftp/main.c:175:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlfile[128];
data/ncftp-3.2.5/ncftp/main.c:443:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gConn.port = atoi(opt.arg);
data/ncftp-3.2.5/ncftp/main.c:466:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gConn.maxDials = atoi(opt.arg);
data/ncftp-3.2.5/ncftp/main.c:469:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  n = atoi(opt.arg);
data/ncftp-3.2.5/ncftp/pref.c:24:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gPager[128];
data/ncftp-3.2.5/ncftp/pref.c:50:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gOneTimeMessagesSeen[256];
data/ncftp-3.2.5/ncftp/pref.c:59:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gAutoAscii[512];
data/ncftp-3.2.5/ncftp/pref.c:191:38: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gConn.connTimeout = gConnTimeout = atoi(val);
data/ncftp-3.2.5/ncftp/pref.c:203:38: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gConn.ctrlTimeout = gCtrlTimeout = atoi(val);
data/ncftp-3.2.5/ncftp/pref.c:215:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gMaxLogSize = atoi(val);
data/ncftp-3.2.5/ncftp/pref.c:281:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gDataPortMode = atoi(val);
data/ncftp-3.2.5/ncftp/pref.c:331:7: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i = atoi(val);
data/ncftp-3.2.5/ncftp/pref.c:334:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gRedialDelay = atoi(val);
data/ncftp-3.2.5/ncftp/pref.c:366:70: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gConn.dataSocketRBufSize = gConn.dataSocketSBufSize = gSOBufsize = atoi(val);
data/ncftp-3.2.5/ncftp/pref.c:379:38: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gConn.xferTimeout = gXferTimeout = atoi(val);
data/ncftp-3.2.5/ncftp/pref.c:463:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/ncftp-3.2.5/ncftp/pref.c:506:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[1024];
data/ncftp-3.2.5/ncftp/pref.c:542:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathName[256];
data/ncftp-3.2.5/ncftp/pref.c:556:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(kGlobalPrefFileName, FOPEN_READ_TEXT);
data/ncftp-3.2.5/ncftp/pref.c:566:8: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(pathName, FOPEN_READ_TEXT);
data/ncftp-3.2.5/ncftp/pref.c:574:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(pathName, FOPEN_READ_TEXT);
data/ncftp-3.2.5/ncftp/pref.c:587:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(kGlobalFixedPrefFileName, FOPEN_READ_TEXT);
data/ncftp-3.2.5/ncftp/pref.c:682:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathName[256];
data/ncftp-3.2.5/ncftp/pref.c:683:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathName2[256];
data/ncftp-3.2.5/ncftp/pref.c:684:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tName[32];
data/ncftp-3.2.5/ncftp/pref.c:693:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(tName, "tpref%06u.txt", (unsigned int) getpid());
data/ncftp-3.2.5/ncftp/pref.c:696:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(pathName2, FOPEN_WRITE_TEXT);
data/ncftp-3.2.5/ncftp/pref.c:727:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathName[256];
data/ncftp-3.2.5/ncftp/pref.c:728:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[256];
data/ncftp-3.2.5/ncftp/pref.c:741:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  fp = fopen(pathName, FOPEN_WRITE_TEXT);
data/ncftp-3.2.5/ncftp/pref.c:747:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(pathName, FOPEN_READ_TEXT);
data/ncftp-3.2.5/ncftp/pref.c:769:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(pathName, FOPEN_WRITE_TEXT);
data/ncftp-3.2.5/ncftp/preffw.c:21:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gFirewallHost[64];
data/ncftp-3.2.5/ncftp/preffw.c:22:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gFirewallUser[32];
data/ncftp-3.2.5/ncftp/preffw.c:23:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gFirewallPass[32];
data/ncftp-3.2.5/ncftp/preffw.c:24:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gFirewallExceptionList[256];
data/ncftp-3.2.5/ncftp/preffw.c:39:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gOurHostName[64];
data/ncftp-3.2.5/ncftp/preffw.c:233:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[256];
data/ncftp-3.2.5/ncftp/preffw.c:247:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  n = atoi(tok2);
data/ncftp-3.2.5/ncftp/preffw.c:253:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  n = atoi(tok2);
data/ncftp-3.2.5/ncftp/preffw.c:272:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gDataPortMode = gFwDataPortMode = atoi(tok2);
data/ncftp-3.2.5/ncftp/preffw.c:289:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathName[256];
data/ncftp-3.2.5/ncftp/preffw.c:307:8: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp2 = fopen(kGlobalFirewallPrefFileName, FOPEN_READ_TEXT);
data/ncftp-3.2.5/ncftp/preffw.c:317:8: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(pathName, FOPEN_READ_TEXT);
data/ncftp-3.2.5/ncftp/preffw.c:326:8: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp2 = fopen(kGlobalFixedFirewallPrefFileName, FOPEN_READ_TEXT);
data/ncftp-3.2.5/ncftp/preffw.c:338:8: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(pathName, FOPEN_WRITE_TEXT);
data/ncftp-3.2.5/ncftp/progress.c:79:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char localName[32];
data/ncftp-3.2.5/ncftp/progress.c:80:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[128];
data/ncftp-3.2.5/ncftp/progress.c:190:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[256];
data/ncftp-3.2.5/ncftp/progress.c:212:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char localName[80];
data/ncftp-3.2.5/ncftp/progress.c:213:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[128];
data/ncftp-3.2.5/ncftp/progress.c:334:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[256];
data/ncftp-3.2.5/ncftp/progress.c:357:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char spec1[64], spec3[64];
data/ncftp-3.2.5/ncftp/progress.c:358:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char bar[256];
data/ncftp-3.2.5/ncftp/progress.c:395:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(spec1, " 0 %%%ds %%lld bytes. ETA: --:--", maxBarLen);
data/ncftp-3.2.5/ncftp/progress.c:402:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(spec1, " 0 %%%ds %%qd bytes. ETA: --:--", maxBarLen);
data/ncftp-3.2.5/ncftp/progress.c:405:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(spec1, " 0 %%%ds %%I64d bytes. ETA: --:--", maxBarLen);
data/ncftp-3.2.5/ncftp/progress.c:408:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(spec1, " 0 %%%ds %%ld bytes. ETA: --:--", maxBarLen);
data/ncftp-3.2.5/ncftp/progress.c:493:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[256];
data/ncftp-3.2.5/ncftp/readln.c:33:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gCurXtermTitleStr[256];
data/ncftp-3.2.5/ncftp/readln.c:36:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gSavedConsoleTitle[64];
data/ncftp-3.2.5/ncftp/readln.c:48:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gRemoteCWD[512];
data/ncftp-3.2.5/ncftp/readln.c:76:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ncftpbookmarks[256];
data/ncftp-3.2.5/ncftp/readln.c:86:20: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gScreenColumns = atoi(cp);
data/ncftp-3.2.5/ncftp/readln.c:312:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rpath[256];
data/ncftp-3.2.5/ncftp/readln.c:381:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(cp, diritemp->relname, mlen);
data/ncftp-3.2.5/ncftp/readln.c:387:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(cp, text, (size_t) textdirlen);
data/ncftp-3.2.5/ncftp/readln.c:619:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathName[256];
data/ncftp-3.2.5/ncftp/readln.c:655:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathName[256];
data/ncftp-3.2.5/ncftp/readln.c:751:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/ncftp-3.2.5/ncftp/readln.c:791:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char v[80], *cp;
data/ncftp-3.2.5/ncftp/readln.c:792:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char vdate[32];
data/ncftp-3.2.5/ncftp/readln.c:858:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char acwd[64];
data/ncftp-3.2.5/ncftp/shell.c:531:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char prompt[64];
data/ncftp-3.2.5/ncftp/shell.c:602:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(l2, "cd ", 4);
data/ncftp-3.2.5/ncftp/shell.c:603:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(l2 + 3, lineRead, llen);
data/ncftp-3.2.5/ncftp/shell.h:9:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *cargv[255];
data/ncftp-3.2.5/ncftp/shell.h:13:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char argbuf[2048];
data/ncftp-3.2.5/ncftp/spool.c:33:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char f[256];
data/ncftp-3.2.5/ncftp/spool.c:47:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(f, O_WRONLY|O_TRUNC, 00600);
data/ncftp-3.2.5/ncftp/spool.c:61:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ncftpbatch[260];
data/ncftp-3.2.5/ncftp/spool.c:71:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ncftpbatch[256];
data/ncftp-3.2.5/ncftp/spool.c:102:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sdir[256];
data/ncftp-3.2.5/ncftp/spool.c:121:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[8];
data/ncftp-3.2.5/ncftp/spool.c:124:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ncftpbatch[256];
data/ncftp-3.2.5/ncftp/spool.c:172:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pfdstr[32];
data/ncftp-3.2.5/ncftp/spool.c:173:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[8];
data/ncftp-3.2.5/ncftp/spool.c:176:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ncftpbatch[256];
data/ncftp-3.2.5/ncftp/spool.c:191:9: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(pfdstr, "%d", pfd[0]);
data/ncftp-3.2.5/ncftp/spoolutil.c:53:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char dstr[32]; data/ncftp-3.2.5/ncftp/spoolutil.c:146:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sdir2[256]; data/ncftp-3.2.5/ncftp/spoolutil.c:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pass[160]; data/ncftp-3.2.5/ncftp/spoolutil.c:148:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sname[64], sname2[64]; data/ncftp-3.2.5/ncftp/spoolutil.c:149:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spathname[256]; data/ncftp-3.2.5/ncftp/spoolutil.c:150:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spathname2[256]; data/ncftp-3.2.5/ncftp/spoolutil.c:151:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ldir2[256]; data/ncftp-3.2.5/ncftp/spoolutil.c:176:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = (ofp == NULL) ? fopen(spathname, FOPEN_WRITE_TEXT) : ofp; data/ncftp-3.2.5/ncftp/spoolutil.c:179:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = (ofp == NULL) ? fopen(spathname, FOPEN_WRITE_TEXT) : ofp; data/ncftp-3.2.5/ncftp/spoolutil.c:204:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(pass, kPasswordMagic, kPasswordMagicLen); data/ncftp-3.2.5/ncftp/spoolutil.c:328:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ncftpbatch[260]; data/ncftp-3.2.5/ncftp/spoolutil.c:355:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argv[8]; data/ncftp-3.2.5/ncftp/spoolutil.c:358:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char ncftpbatch[256]; data/ncftp-3.2.5/ncftp/syshdrs.h:81:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # ifndef open data/ncftp-3.2.5/ncftp/syshdrs.h:82:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define open _open data/ncftp-3.2.5/ncftp/syshdrs.h:255:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define Open open data/ncftp-3.2.5/ncftp/trace.c:21:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gTraceLBuf[256]; data/ncftp-3.2.5/ncftp/trace.c:27:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gOurHostName[64]; data/ncftp-3.2.5/ncftp/trace.c:40:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
    char buf[512];
data/ncftp-3.2.5/ncftp/trace.c:118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char pathName[256];
data/ncftp-3.2.5/ncftp/trace.c:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tName[32];
data/ncftp-3.2.5/ncftp/trace.c:120:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char timeStr[128];
data/ncftp-3.2.5/ncftp/trace.c:127:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    (void) sprintf(tName, "trace.%u", (unsigned int) (pid = getpid()));
    [Reviewer note: with a 32-bit unsigned int the output is at most "trace." plus 10 digits plus the terminator, 17 bytes, which fits tName[32]. The overflow risk here is low, as the tool says.]
data/ncftp-3.2.5/ncftp/trace.c:130:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    tfp = fopen(pathName, FOPEN_WRITE_TEXT);
    [Reviewer note: how pathName is built is not shown in this report. If it combines the pid-derived tName with a directory other users can write to, the name is predictable and a write-mode fopen() will follow whatever already exists at that path. Confirm the directory's ownership and permissions, or create the file with open() using O_CREAT|O_EXCL and a 0600 mode, then fdopen() it.]
data/ncftp-3.2.5/ncftp/trace.c:167:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char pathName[256]; data/ncftp-3.2.5/ncftp/trace.c:168:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName2[256]; data/ncftp-3.2.5/ncftp/trace.c:169:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tName[32]; data/ncftp-3.2.5/ncftp/trace.c:174:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(tName, "trace.%u", (unsigned int) getpid()); data/ncftp-3.2.5/ncftp/util.c:17:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gUser[32]; data/ncftp-3.2.5/ncftp/util.c:18:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gHome[256]; data/ncftp-3.2.5/ncftp/util.c:19:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char gShell[256]; data/ncftp-3.2.5/ncftp/util.c:20:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gOurDirectoryPath[260]; data/ncftp-3.2.5/ncftp/util.c:21:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gOurInstallationPath[260]; data/ncftp-3.2.5/ncftp/util.c:38:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char B64EncodeTable[64] = data/ncftp-3.2.5/ncftp/util.c:50:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char B64DecodeTable[256] = data/ncftp-3.2.5/ncftp/util.c:207:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *dst, pbuf[32]; data/ncftp-3.2.5/ncftp/util.c:227:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void) sprintf(pbuf, ":%u", (unsigned int) port); data/ncftp-3.2.5/ncftp/util.c:276:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(dst, "..."); data/ncftp-3.2.5/ncftp/util.c:281:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(dst + max - 3, "..."); data/ncftp-3.2.5/ncftp/util.c:535:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/ncftp-3.2.5/ncftp/util.c:539:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hn[80]; data/ncftp-3.2.5/ncftp/util.c:616:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(s) != 0) data/ncftp-3.2.5/ncftp/util.c:681:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
    (void) memcpy(&ina.s_addr, hp->h_addr_list[0], (size_t) hp->h_length);
    [Reviewer note: the copy length is hp->h_length from the resolver result, not the size of the destination field. Confirm in util.c that the address family or h_length is checked against sizeof(ina.s_addr) before this call (not visible in this report), or bound the length to the destination size.]
data/ncftp-3.2.5/ncftp/util.c:895:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char sa[512], sb[512];
data/ncftp-3.2.5/ncftp/util.c:937:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char urlstr2[256];
data/ncftp-3.2.5/ncftp/util.c:965:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char reason[128];
data/ncftp-3.2.5/sh_util/gpshare.c:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char localName[32];
data/ncftp-3.2.5/sh_util/gpshare.c:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char line[128];
data/ncftp-3.2.5/sh_util/gpshare.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char localName[80]; data/ncftp-3.2.5/sh_util/gpshare.c:187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[128]; data/ncftp-3.2.5/sh_util/gpshare.c:346:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[128], fn[128]; data/ncftp-3.2.5/sh_util/gpshare.c:355:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(fn, FOPEN_READ_TEXT); data/ncftp-3.2.5/sh_util/gpshare.c:361:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(fn, FOPEN_READ_TEXT); data/ncftp-3.2.5/sh_util/gpshare.c:405:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cip->port = atoi(line + 5); data/ncftp-3.2.5/sh_util/gpshare.c:430:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/ncftp-3.2.5/sh_util/gpshare.c:443:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(tok); data/ncftp-3.2.5/sh_util/gpshare.c:450:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(tok); data/ncftp-3.2.5/sh_util/gpshare.c:463:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/ncftp-3.2.5/sh_util/gpshare.c:472:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cip->xferTimeout = atoi(tok); data/ncftp-3.2.5/sh_util/gpshare.c:473:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cip->connTimeout = atoi(tok); data/ncftp-3.2.5/sh_util/gpshare.c:474:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cip->ctrlTimeout = atoi(tok); data/ncftp-3.2.5/sh_util/gpshare.c:476:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cip->connTimeout = atoi(tok); data/ncftp-3.2.5/sh_util/gpshare.c:478:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cip->ctrlTimeout = atoi(tok); data/ncftp-3.2.5/sh_util/gpshare.c:603:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[500], *dst, *dlim; data/ncftp-3.2.5/sh_util/ncftpbatch.c:52:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gSpoolDir[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:53:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gLogFileName[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:57:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gFirewallHost[64]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:58:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gFirewallUser[32]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gFirewallPass[32]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:60:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gFirewallExceptionList[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:64:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char gItemPath[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:68:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gMyItemPath[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:70:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gOperationStr[16]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:72:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gHost[64]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:73:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gLastHost[64]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:74:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gHostIP[32]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:76:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char gRUser[128]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:77:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gRPass[128]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:78:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gRAcct[128]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:79:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gManualOverrideFeatures[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:80:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gPreFTPCommand[128]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:81:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gPerFileFTPCommand[128]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:82:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gPostFTPCommand[128]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:83:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gPreShellCommand[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:84:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gPostShellCommand[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:85:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gProgressLog[512]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:91:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gRDir[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:92:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char gLDir[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:93:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gRFile[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:94:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gLFile[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:95:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gRStartDir[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:96:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gSourceAddrStr[128]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:103:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gLogLBuf[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:111:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char gStatusText[512]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:176:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:201:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[256]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstr[128]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:282:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tstr[128]; data/ncftp-3.2.5/sh_util/ncftpbatch.c:387:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(gLogFileName, openMode); data/ncftp-3.2.5/sh_util/ncftpbatch.c:625:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  char line[256];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:642:45: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((stat(gMyItemPath, &st) < 0) || ((fp = fopen(gMyItemPath, FOPEN_READ_BINARY)) == NULL)) {
data/ncftp-3.2.5/sh_util/ncftpbatch.c:726:44: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gDelaySinceLastFailure = (unsigned int) atoi(tok2);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:735:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gPort = atoi(tok2);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:738:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gPassive = atoi(tok2);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:896:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *argv[8];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:965:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[512];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:967:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  (void) strcpy(buf, "\nresult=");
data/ncftp-3.2.5/sh_util/ncftpbatch.c:997:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gProgLog = fopen(gProgressLog, FOPEN_APPEND_TEXT);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1089:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[256];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1090:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char resolvedIPstr[64];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1275:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(gStatusText, "Downloading %.200s", gRFile);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1280:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(gStatusText, "[0%%] - Downloading %.200s", gRFile);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1302:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(gStatusText, "Uploading %.200s", gLFile);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1307:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(gStatusText, "[0%%] - Uploading %.200s", gLFile);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1353:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char itemName[64];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1385:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *yyyymmdd = atoi(tok);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1390:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *hhmmss = atoi(tok);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1438:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tstr[32];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1731:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dstr[64];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1732:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char yyyy[8], mm[4], dd[4];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1733:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char HH[4], MM[4];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1776:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(dstr, "%08d", iyyyymmdd);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1777:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(yyyy, dstr, 4); yyyy[4] = '\0';
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1778:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  (void) memcpy(mm, dstr + 4, 2); mm[2] = '\0';
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1779:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(dd, dstr + 6, 2); dd[2] = '\0';
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1780:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  (void) sprintf(dstr, "%06d", ihhmmss);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1781:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(HH, dstr + 0, 2); HH[2] = '\0';
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1782:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(MM, dstr + 2, 2); MM[2] = '\0';
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1826:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[128];
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1855:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(lf.lfFaceName, "MS Sans Serif");
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1928:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(cp, "[%d", iper);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:1982:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "ETA: %d:%02d", minLeft, secLeft);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2167:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  devnull = open("/dev/null", O_RDWR, 00666);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2230:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open("/dev/tty", O_RDWR, 0);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2299:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(opt.arg) > 0)
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2300:43: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gDelayBetweenPasses = (unsigned int) atoi(opt.arg);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2341:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(opt.arg) > 0)
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2342:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sleep((unsigned int) atoi(opt.arg));
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2345:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(opt.arg) > 0)
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2346:32: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sleepval = (unsigned int) atoi(opt.arg);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2349:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(opt.arg) > 0)
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2350:43: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gDelayBetweenPasses = (unsigned int) atoi(opt.arg);
data/ncftp-3.2.5/sh_util/ncftpbatch.c:2362:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  readcore = atoi(opt.arg);
data/ncftp-3.2.5/sh_util/ncftpget.c:36:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallHost[64];
data/ncftp-3.2.5/sh_util/ncftpget.c:37:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallUser[32];
data/ncftp-3.2.5/sh_util/ncftpget.c:38:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallPass[32];
data/ncftp-3.2.5/sh_util/ncftpget.c:40:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallExceptionList[256];
data/ncftp-3.2.5/sh_util/ncftpget.c:182:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[512];
data/ncftp-3.2.5/sh_util/ncftpget.c:183:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlfile[256];
data/ncftp-3.2.5/sh_util/ncftpget.c:184:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urldir[512];
data/ncftp-3.2.5/sh_util/ncftpget.c:197:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char precmd[320], postcmd[320], perfilecmd[320];
data/ncftp-3.2.5/sh_util/ncftpget.c:275:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fi.errLog = fopen(opt.arg, FOPEN_APPEND_TEXT);
data/ncftp-3.2.5/sh_util/ncftpget.c:291:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fi.debugLog = fopen(opt.arg, FOPEN_APPEND_TEXT);
data/ncftp-3.2.5/sh_util/ncftpget.c:344:37: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fi.dataSocketRBufSize = (size_t) atol(opt.arg);
data/ncftp-3.2.5/sh_util/ncftpget.c:487:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fi.port = atoi(opt.arg);
data/ncftp-3.2.5/sh_util/ncftpls.c:35:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallHost[64];
data/ncftp-3.2.5/sh_util/ncftpls.c:36:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallUser[32];
data/ncftp-3.2.5/sh_util/ncftpls.c:37:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallPass[32];
data/ncftp-3.2.5/sh_util/ncftpls.c:39:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallExceptionList[256];
data/ncftp-3.2.5/sh_util/ncftpls.c:67:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(relpath + 0, subdir, sdlen + /* '\0' */ 1);
data/ncftp-3.2.5/sh_util/ncftpls.c:71:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(relpath + pdlen + 1, subdir, sdlen + /* '\0' */ 1);
data/ncftp-3.2.5/sh_util/ncftpls.c:140:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rcwd[512];
data/ncftp-3.2.5/sh_util/ncftpls.c:141:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char startdir[512];
data/ncftp-3.2.5/sh_util/ncftpls.c:303:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char url[256];
data/ncftp-3.2.5/sh_util/ncftpls.c:304:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlfile[128];
data/ncftp-3.2.5/sh_util/ncftpls.c:305:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rootcwd[256];
data/ncftp-3.2.5/sh_util/ncftpls.c:306:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char curcwd[256];
data/ncftp-3.2.5/sh_util/ncftpls.c:319:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lsflags[32];
data/ncftp-3.2.5/sh_util/ncftpls.c:325:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char precmd[320], postcmd[320], perfilecmd[320];
data/ncftp-3.2.5/sh_util/ncftpls.c:387:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fi.errLog = fopen(opt.arg, FOPEN_APPEND_TEXT);
data/ncftp-3.2.5/sh_util/ncftpls.c:399:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fi.debugLog = fopen(opt.arg, FOPEN_APPEND_TEXT);
data/ncftp-3.2.5/sh_util/ncftpls.c:497:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fi.port = atoi(opt.arg);
data/ncftp-3.2.5/sh_util/ncftpput.c:35:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallHost[64];
data/ncftp-3.2.5/sh_util/ncftpput.c:36:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallUser[32];
data/ncftp-3.2.5/sh_util/ncftpput.c:37:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallPass[32];
data/ncftp-3.2.5/sh_util/ncftpput.c:39:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern char gFirewallExceptionList[256];
data/ncftp-3.2.5/sh_util/ncftpput.c:199:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ufile[256];
data/ncftp-3.2.5/sh_util/ncftpput.c:200:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char precmd[320], postcmd[320], perfilecmd[320];
data/ncftp-3.2.5/sh_util/ncftpput.c:278:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fi.errLog = fopen(opt.arg, FOPEN_APPEND_TEXT);
data/ncftp-3.2.5/sh_util/ncftpput.c:294:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fi.debugLog = fopen(opt.arg, FOPEN_APPEND_TEXT);
data/ncftp-3.2.5/sh_util/ncftpput.c:367:37: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fi.dataSocketSBufSize = (size_t) atol(opt.arg);
data/ncftp-3.2.5/sh_util/ncftpput.c:465:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fi.port = atoi(opt.arg);
data/ncftp-3.2.5/sh_util/syshdrs.h:79:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # ifndef open
data/ncftp-3.2.5/sh_util/syshdrs.h:80:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define open _open
data/ncftp-3.2.5/sh_util/syshdrs.h:244:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  # define Open open
data/ncftp-3.2.5/sio/DNSUtil.c:125:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(hp, h, sizeof(struct hostent));
data/ncftp-3.2.5/sio/DNSUtil.c:200:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(hp, h, sizeof(struct hostent));
data/ncftp-3.2.5/sio/DNSUtil.c:235:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(&ip_address->s_addr, hp->h_addr_list[0], (size_t) hp->h_length);
data/ncftp-3.2.5/sio/DNSUtil.c:237:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(ip_address, &ip, sizeof(struct in_addr));
data/ncftp-3.2.5/sio/DNSUtil.c:246:12: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (void) memcpy(&ip_address->s_addr, hp->h_addr_list[0], (size_t) hp->h_length);
data/ncftp-3.2.5/sio/DNSUtil.c:441:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char domain[128];
data/ncftp-3.2.5/sio/DNSUtil.c:442:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hpbuf[1024];
data/ncftp-3.2.5/sio/DNSUtil.c:533:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char line[256]; data/ncftp-3.2.5/sio/DNSUtil.c:534:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srch[128]; data/ncftp-3.2.5/sio/DNSUtil.c:537:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("/etc/resolv.conf", "r"); data/ncftp-3.2.5/sio/SError.c:9:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *wsaerrlist[128] = { data/ncftp-3.2.5/sio/SError.c:149:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char estr[32]; data/ncftp-3.2.5/sio/SError.c:169:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char estr[32]; data/ncftp-3.2.5/sio/SError.c:172:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(estr, "Error #%d", e); data/ncftp-3.2.5/sio/SSelect.c:73:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(resultssp, ssp, sizeof(SelectSet)); data/ncftp-3.2.5/sio/SSelect.c:87:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(resultssp, ssp, sizeof(SelectSet)); data/ncftp-3.2.5/sio/StrAddr.c:26:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[64]; data/ncftp-3.2.5/sio/StrAddr.c:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spbuf[256]; data/ncftp-3.2.5/sio/StrAddr.c:43:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return (atoi(str)); data/ncftp-3.2.5/sio/StrAddr.c:113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spbuf[256]; data/ncftp-3.2.5/sio/StrAddr.c:208:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char portstr[128]; data/ncftp-3.2.5/sio/StrAddr.c:233:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = atoi(p2); data/ncftp-3.2.5/sio/StrAddr.c:245:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = (unsigned int) atoi(colon + 1); data/ncftp-3.2.5/sio/StrAddr.c:251:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = (unsigned int) atoi(portstr); data/ncftp-3.2.5/sio/StrAddr.c:287:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&sa->sin_addr.s_addr, hp->h_addr_list[0], data/ncftp-3.2.5/sio/StrAddr.c:299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addrName[128]; data/ncftp-3.2.5/sio/StrAddr.c:302:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]; data/ncftp-3.2.5/sio/StrAddr.c:303:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s_name[64]; data/ncftp-3.2.5/sio/StrAddr.c:342:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%u", (unsigned int) ntohs(saddrp->sin_port)); data/ncftp-3.2.5/sio/syshdrs.h:54:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # ifndef open data/ncftp-3.2.5/sio/syshdrs.h:55:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define open _open data/ncftp-3.2.5/vis/bmed.c:107:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *dst = atoi(str); data/ncftp-3.2.5/vis/bmed.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[256]; data/ncftp-3.2.5/vis/bmed.c:140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/ncftp-3.2.5/vis/bmed.c:144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spec[32]; data/ncftp-3.2.5/vis/bmed.c:160:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(spec, "%s"), /* avoid warnings on BSD */ data/ncftp-3.2.5/vis/bmed.c:166:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(spec, ": %3d"), data/ncftp-3.2.5/vis/bmed.c:171:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(spec, "%%-16.16s %%-%ds", lmaxx - 17); data/ncftp-3.2.5/vis/bmed.c:192:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%-16.16s ", rsip->bookmarkName); data/ncftp-3.2.5/vis/bmed.c:211:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(spec, "%%-%ds", maxx - 4); data/ncftp-3.2.5/vis/bmed.c:458:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/ncftp-3.2.5/vis/bmed.c:502:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/ncftp-3.2.5/vis/bmed.c:543:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/ncftp-3.2.5/vis/bmed.c:544:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spec[32]; data/ncftp-3.2.5/vis/bmed.c:646:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%u", (gEditRsi.port == 0) ? 21 : (unsigned int) gEditRsi.port); data/ncftp-3.2.5/vis/bmed.c:783:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char bmname[128]; data/ncftp-3.2.5/vis/bmed.c:926:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bmname[128]; data/ncftp-3.2.5/vis/bmed.c:1105:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(gBookmarkSelectionFile, "w"); data/ncftp-3.2.5/vis/bmed.c:1117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *av[8]; data/ncftp-3.2.5/vis/bmed.c:1144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[256]; data/ncftp-3.2.5/vis/bmed.c:1423:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gBookmarkSelectionFile = (const char *) argv[argi]; data/ncftp-3.2.5/vis/syshdrs.h:299:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
# define Open open data/ncftp-3.2.5/vis/wgets.c:193:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gBufPtr - count, gBufPtr, n); data/ncftp-3.2.5/vis/wgets.c:241:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(gBufPtr, gBufPtr + 1, n); data/ncftp-3.2.5/vis/wgets.c:497:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). trace = fopen(wg_TraceFileName, FOPEN_APPEND_TEXT); data/ncftp-3.2.5/vis/wutil.c:90:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tty = open("/dev/tty", O_RDWR); data/ncftp-3.2.5/vis/wutil.c:368:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/ncftp-3.2.5/win/bmed/bmed.cpp:21:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gOurInstallationPath[260]; data/ncftp-3.2.5/win/bmed/bmed.cpp:94:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[kNcFTPBookmarksMailslotMsgSize]; data/ncftp-3.2.5/win/bmed/bmed.cpp:99:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH]; data/ncftp-3.2.5/win/bmed/bmedDlg.cpp:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/ncftp-3.2.5/win/bmed/bmedDlg.cpp:201:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/ncftp-3.2.5/win/bmed/bmedDlg.cpp:263:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(bmp->bookmarkName, "NewBookmark"); data/ncftp-3.2.5/win/bmed/bmedDlg.cpp:281:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char url[256]; data/ncftp-3.2.5/win/bmed/bmedDlg.cpp:294:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(bmp, bmpToDupe, sizeof(Bookmark)); data/ncftp-3.2.5/win/bmed/bookmark.c:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pbuf[32]; data/ncftp-3.2.5/win/bmed/bookmark.c:58:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(pbuf, ":%u", (unsigned int) bmp->port); data/ncftp-3.2.5/win/bmed/bookmark.c:140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[128]; data/ncftp-3.2.5/win/bmed/bookmark.c:141:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pass[128]; data/ncftp-3.2.5/win/bmed/bookmark.c:205:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bmp->port = (unsigned int) atoi(token); data/ncftp-3.2.5/win/bmed/bookmark.c:211:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 10: bmp->hasSIZE = atoi(token); break; data/ncftp-3.2.5/win/bmed/bookmark.c:212:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 11: bmp->hasMDTM = atoi(token); break; data/ncftp-3.2.5/win/bmed/bookmark.c:213:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 12: bmp->hasPASV = atoi(token); break; data/ncftp-3.2.5/win/bmed/bookmark.c:214:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 13: bmp->isUnix = atoi(token); data/ncftp-3.2.5/win/bmed/bookmark.c:227:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 21: bmp->hasUTIME = atoi(token); data/ncftp-3.2.5/win/bmed/bookmark.c:264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[512]; data/ncftp-3.2.5/win/bmed/bookmark.c:282:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName[256], path2[256]; data/ncftp-3.2.5/win/bmed/bookmark.c:283:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/ncftp-3.2.5/win/bmed/bookmark.c:292:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(pathName, FOPEN_READ_TEXT); data/ncftp-3.2.5/win/bmed/bookmark.c:298:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(pathName, FOPEN_READ_TEXT); data/ncftp-3.2.5/win/bmed/bookmark.c:327:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
(void) sprintf(line, ".v%d", version); data/ncftp-3.2.5/win/bmed/bookmark.c:370:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(pathName, FOPEN_READ_TEXT); data/ncftp-3.2.5/win/bmed/bookmark.c:398:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[512]; data/ncftp-3.2.5/win/bmed/bookmark.c:410:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bmabbrtrunc[sizeof(bmp->bookmarkName)]; data/ncftp-3.2.5/win/bmed/bookmark.c:596:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(dst, "$%02x", c); data/ncftp-3.2.5/win/bmed/bookmark.c:617:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tok[256]; data/ncftp-3.2.5/win/bmed/bookmark.c:618:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pass[160]; data/ncftp-3.2.5/win/bmed/bookmark.c:624:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. (void) memcpy(pass, kPasswordMagic, kPasswordMagicLen); data/ncftp-3.2.5/win/bmed/bookmark.c:658:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidStr[32]; data/ncftp-3.2.5/win/bmed/bookmark.c:659:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName[256], path2[256]; data/ncftp-3.2.5/win/bmed/bookmark.c:666:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(pidStr, "-%u.txt", (unsigned int) getpid()); data/ncftp-3.2.5/win/bmed/bookmark.c:686:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pidStr[32]; data/ncftp-3.2.5/win/bmed/bookmark.c:687:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName[256], path2[256]; data/ncftp-3.2.5/win/bmed/bookmark.c:694:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. (void) sprintf(pidStr, "-%u.txt", (unsigned int) getpid()); data/ncftp-3.2.5/win/bmed/bookmark.c:697:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfp = fopen(pathName, FOPEN_WRITE_TEXT); data/ncftp-3.2.5/win/bmed/bookmark.c:771:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/ncftp-3.2.5/win/bmed/bookmark.c:772:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bmAbbr[64]; data/ncftp-3.2.5/win/bmed/bookmark.c:839:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]; data/ncftp-3.2.5/win/bmed/bookmark.h:10:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bookmarkName[16]; data/ncftp-3.2.5/win/bmed/bookmark.h:11:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/ncftp-3.2.5/win/bmed/bookmark.h:12:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user[64]; data/ncftp-3.2.5/win/bmed/bookmark.h:13:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pass[64]; data/ncftp-3.2.5/win/bmed/bookmark.h:14:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char acct[64]; data/ncftp-3.2.5/win/bmed/bookmark.h:15:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[160]; data/ncftp-3.2.5/win/bmed/bookmark.h:16:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ldir[160]; data/ncftp-3.2.5/win/bmed/bookmark.h:24:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lastIP[32]; data/ncftp-3.2.5/win/bmed/bookmark.h:25:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[128]; data/ncftp-3.2.5/win/bmed/util.c:14:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gUser[32]; data/ncftp-3.2.5/win/bmed/util.c:15:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gHome[256]; data/ncftp-3.2.5/win/bmed/util.c:16:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gShell[256]; data/ncftp-3.2.5/win/bmed/util.c:17:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gOurDirectoryPath[260]; data/ncftp-3.2.5/win/bmed/util.c:18:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gOurInstallationPath[260]; data/ncftp-3.2.5/win/bmed/util.c:20:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char B64EncodeTable[64] = data/ncftp-3.2.5/win/bmed/util.c:32:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char B64DecodeTable[256] = data/ncftp-3.2.5/win/bmed/util.c:173:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(dst, "..."); data/ncftp-3.2.5/win/bmed/util.c:178:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. (void) strcpy(dst + max - 3, "..."); data/ncftp-3.2.5/win/bmed/util.c:433:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (atoi(s) != 0) data/ncftp-3.2.5/win/bmed/util.c:508:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[512]; data/ncftp-3.2.5/Strn/DStrCat.c:15:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srcLen = strlen(src) + 1 /* copy NUL byte also */; data/ncftp-3.2.5/Strn/DStrCatList.c:29:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). catLen += strlen(src); data/ncftp-3.2.5/Strn/DStrCatList.c:73:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srcLen = strlen(src); data/ncftp-3.2.5/Strn/DStrCpy.c:18:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srcLen = strlen(src) + 1 /* copy NUL byte also */; data/ncftp-3.2.5/Strn/DStrCpyList.c:29:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newLen += strlen(src); data/ncftp-3.2.5/Strn/DStrCpyList.c:71:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srcLen = strlen(src); data/ncftp-3.2.5/Strn/Dynscat.c:25:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
catLen += strlen(src); data/ncftp-3.2.5/Strn/Dynscat.c:45:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). curLen = strlen(*dst); data/ncftp-3.2.5/Strn/Dynscat.c:58:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srcLen = strlen(src); data/ncftp-3.2.5/Strn/Dynscpy.c:49:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). catLen += strlen(src); data/ncftp-3.2.5/Strn/Dynscpy.c:66:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srcLen = strlen(src); data/ncftp-3.2.5/Strn/Dynsrecpy.c:63:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). catLen += strlen(src); data/ncftp-3.2.5/Strn/Dynsrecpy.c:71:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if ((catLen + 2) > (strlen(*dst) + 1)) { data/ncftp-3.2.5/Strn/Dynsrecpy.c:84:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srcLen = strlen(src); data/ncftp-3.2.5/Strn/Dynsrecpy.c:100:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
srcLen = strlen(src); data/ncftp-3.2.5/Strn/StrFree.c:14:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(src) + 1; data/ncftp-3.2.5/Strn/Strncat.c:21:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (n != 0 && ((i = strlen(dst)) < (n - 1))) { data/ncftp-3.2.5/Strn/Strncat_NoZeroPad.c:21:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (n != 0 && ((i = strlen(dst)) < (n - 1))) { data/ncftp-3.2.5/Strn/Strnpcat.c:25:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (n != 0 && ((i = strlen(dst)) < (n - 1))) { data/ncftp-3.2.5/Strn/Strntok.c:149:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). printf("strtok %d=[%s] length=%d\n", i, t, (int) strlen(t)); data/ncftp-3.2.5/Strn/Strntok.c:161:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). printf("Strtok %d=[%s] length=%d\n", i, t, (int) strlen(t)); data/ncftp-3.2.5/Strn/strtokc.c:210:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
printf("strtok %d=[%s] length=%d\n", i, t, (int) strlen(t)); data/ncftp-3.2.5/Strn/strtokc.c:222:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). printf("strtokc %d=[%s] length=%d\n", i, t, (int) strlen(t)); data/ncftp-3.2.5/libncftp/c_chdirlist.c:32:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(lp->line); data/ncftp-3.2.5/libncftp/c_chdirlist.c:42:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cdstr, "/"); data/ncftp-3.2.5/libncftp/c_exists.c:305:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (FTPPutFileFromMemory(cip, testFileName, testFileMessage, strlen(testFileMessage), kAppendNo) == kNoErr) { data/ncftp-3.2.5/libncftp/c_mkdir.c:75:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = dir + strlen(dir) - 1; data/ncftp-3.2.5/libncftp/c_mkdir.c:113:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = dir + strlen(dir) - 1; data/ncftp-3.2.5/libncftp/c_mlist1.c:78:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
optstrlen = strlen(optstr); data/ncftp-3.2.5/libncftp/c_rmdir.c:40:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tail = file + strlen( file ); data/ncftp-3.2.5/libncftp/c_size.c:106:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(fd, buf, bufsize); data/ncftp-3.2.5/libncftp/ftp.c:871:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(maybePrivateAddrStr, gPrivateNetworks[i], strlen(gPrivateNetworks[i])) == 0) data/ncftp-3.2.5/libncftp/ftp.c:878:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(knownNonPrivateAddrToUseIfNeededStr, gPrivateNetworks[i], strlen(gPrivateNetworks[i])) == 0) data/ncftp-3.2.5/libncftp/ftw.c:42:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/ncftp-3.2.5/libncftp/ftw.c:219:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fnLen = strlen(cp) + 1 /* include \0 */; data/ncftp-3.2.5/libncftp/ftw.c:346:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/ncftp-3.2.5/libncftp/ftw.c:365:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
cp = ftwip->curPath + strlen(ftwip->curPath); data/ncftp-3.2.5/libncftp/io_get.c:481:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(cip->dataSocket, buf, (read_size_t) bufSize); data/ncftp-3.2.5/libncftp/io_get.c:668:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nwrote = PWrite(fd, cip->textEOLN, (write_size_t) strlen(cip->textEOLN)); data/ncftp-3.2.5/libncftp/io_get.c:669:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (nwrote == (write_return_t) strlen(cip->textEOLN)) { data/ncftp-3.2.5/libncftp/io_get.c:737:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(cip->dataSocket, buf, (read_size_t) bufSize); data/ncftp-3.2.5/libncftp/io_getmem.c:186:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(cip->dataSocket, memBuf, (read_size_t) ntoread); data/ncftp-3.2.5/libncftp/io_gettar.c:298:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(cip->dataSocket, buf, (read_size_t) bufSize); data/ncftp-3.2.5/libncftp/io_list.c:95:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) write(outfd, line, (write_size_t) strlen(line)); data/ncftp-3.2.5/libncftp/io_list.c:129:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
(void) write(outfd, line, (write_size_t) strlen(line)); data/ncftp-3.2.5/libncftp/io_put.c:42:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(fd, inbuf, (read_size_t) bufsize); data/ncftp-3.2.5/libncftp/io_put.c:460:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(fd, inbuf, (read_size_t) sizeof(inbuf)); data/ncftp-3.2.5/libncftp/io_put.c:487:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(fd, inbuf, (read_size_t) sizeof(inbuf)); data/ncftp-3.2.5/libncftp/io_put.c:582:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(fd, cp, (read_size_t) bufSize); data/ncftp-3.2.5/libncftp/lglob.c:82:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = pattern + strlen(pattern) - 1; data/ncftp-3.2.5/libncftp/lglobr.c:124:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lrflstate.relativePathStartOffset = (int) strlen(cp); data/ncftp-3.2.5/libncftp/linelist.c:23:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf) + 1; data/ncftp-3.2.5/libncftp/ncftp.h:135:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # define read _read data/ncftp-3.2.5/libncftp/open.c:712:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
cp = line + strlen(line) - 1; data/ncftp-3.2.5/libncftp/open.c:778:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). etc_cp = etc_line + strlen(etc_line) - 1; data/ncftp-3.2.5/libncftp/rcmd.c:320:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). clen = strlen(command); data/ncftp-3.2.5/libncftp/rcmd.c:358:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = SWrite(cip->ctrlSocketW, command, strlen(command), (int) cip->ctrlTimeout, 0); data/ncftp-3.2.5/libncftp/rcmd.c:910:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nr = (int) read(inStream, secondaryBuf, secBufSize); data/ncftp-3.2.5/libncftp/rftw.c:130:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fnLen = strlen(cp) + 1 /* include \0 */; data/ncftp-3.2.5/libncftp/rftw.c:344:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/ncftp-3.2.5/libncftp/rftw.c:387:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). endp = cp = ftwip->curPath + strlen(ftwip->curPath); data/ncftp-3.2.5/libncftp/rglob.c:135:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
plen = strlen(patPrefix); data/ncftp-3.2.5/libncftp/rglob.c:266:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define glberr(a) (ISTRNEQ(cp, a, strlen(a))) data/ncftp-3.2.5/libncftp/syshdrs.h:69:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # define read _read data/ncftp-3.2.5/libncftp/u_decodehost.c:110:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = line + strlen(line) - 1; data/ncftp-3.2.5/libncftp/u_decodeurl.c:95:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = url + strlen(url) - 1; data/ncftp-3.2.5/libncftp/u_decodeurl.c:107:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = url + strlen(url) - 1; data/ncftp-3.2.5/libncftp/u_decodeurl.c:235:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). URLCopyToken(fn, fnsize, lastslash + 1, strlen(lastslash + 1)); data/ncftp-3.2.5/libncftp/u_decodeurl.c:237:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). URLCopyToken(subdir, sizeof(subdir), tok, strlen(tok)); data/ncftp-3.2.5/libncftp/u_error.c:54:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(buf); data/ncftp-3.2.5/libncftp/u_fileextn.c:26:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). extn = pathName + strlen(pathName) - 1; data/ncftp-3.2.5/libncftp/u_fileextn.c:38:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(extn) > (sizeof(extnPattern) - 2 - 1 - 1)) { data/ncftp-3.2.5/libncftp/u_getpass.c:24:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pwbuf, cp, pwbufsize); data/ncftp-3.2.5/libncftp/u_getusr.c:23:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. (void) strncpy(dst, "unknown", size); data/ncftp-3.2.5/libncftp/u_mkdirs.c:81:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void) strncpy(s, newdir, sizeof(s)); data/ncftp-3.2.5/libncftp/u_pathcat.c:209:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) memmove(b + 1, a + 3, strlen(a + 3) + 1); data/ncftp-3.2.5/libncftp/u_pathcat.c:211:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) memmove(b, a + 3, strlen(a + 3) + 1); data/ncftp-3.2.5/libncftp/u_pathcat.c:305:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
dsize = strlen(cwd) + data/ncftp-3.2.5/libncftp/u_pathcat.c:307:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(src) + data/ncftp-3.2.5/libncftp/u_scram.c:21:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). keyLen = strlen(key); data/ncftp-3.2.5/libncftp/u_slash.c:22:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nlptr = cp + strlen(cp) - 1; data/ncftp-3.2.5/libncftp/u_slash.c:42:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = dst + strlen(dst); data/ncftp-3.2.5/libncftp/u_unmdtm.c:35:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(y2fix + 4, dstr + 5, sizeof(y2fix) - 6); data/ncftp-3.2.5/libncftp/unls.c:215:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(cp, cp + 1, strlen(cp + 1) + 1); data/ncftp-3.2.5/libncftp/unls.c:613:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int) strlen(STRNCPY(line, lp->line)); data/ncftp-3.2.5/libncftp/unls.c:662:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
cwdlen = strlen(cip->buf); data/ncftp-3.2.5/libncftp/unls.c:681:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fileLen = strlen(cp); data/ncftp-3.2.5/libncftp/unls.c:731:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cwdlen = strlen(cip->buf); data/ncftp-3.2.5/libncftp/unls.c:743:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(curdir, cp, strlen(cp) + 1); data/ncftp-3.2.5/libncftp/unls.c:780:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line0); data/ncftp-3.2.5/libncftp/unls.c:885:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cp); data/ncftp-3.2.5/libncftp/unls.c:927:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fileLen = strlen(mli.fname); data/ncftp-3.2.5/libncftp/unls.c:1006:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). plugLen = strlen(plug); data/ncftp-3.2.5/libncftp/util2.cpp:38:12: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
(void) strncpy(dst, path, size - 1); data/ncftp-3.2.5/ncftp/bookmark.c:241:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FromBase64(pass, bmp->pass + kPasswordMagicLen, strlen(bmp->pass + kPasswordMagicLen), 1); data/ncftp-3.2.5/ncftp/bookmark.c:421:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bmabbrLen = strlen(bmabbr); data/ncftp-3.2.5/ncftp/bookmark.c:625:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ToBase64(pass + kPasswordMagicLen, bmp->pass, strlen(bmp->pass), 1); data/ncftp-3.2.5/ncftp/bookmark.c:782:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(bmAbbr); data/ncftp-3.2.5/ncftp/cmds.c:213:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). AbsoluteToRelative(bm.dir, sizeof(bm.dir), dir, gStartDir, strlen(gStartDir)); data/ncftp-3.2.5/ncftp/cmds.c:289:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). AbsoluteToRelative(bmp->dir, sizeof(bmp->dir), dir, gStartDir, strlen(gStartDir)); data/ncftp-3.2.5/ncftp/cmds.c:915:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strncmp(rpath, "//|||//", strlen("//|||//")) == 0) { data/ncftp-3.2.5/ncftp/cmds.c:916:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rpath += strlen("//|||//"); data/ncftp-3.2.5/ncftp/cmds.c:1003:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(rpath, "//|||//", strlen("//|||//")) == 0) data/ncftp-3.2.5/ncftp/cmds.c:1004:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rpath += strlen("//|||//"); /* Skip over the Create-from-scratch magic cookie. */ data/ncftp-3.2.5/ncftp/cmds.c:1228:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newname[strlen(newname) - 1] = '\0'; data/ncftp-3.2.5/ncftp/cmds.c:1417:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int) strlen(c->name); data/ncftp-3.2.5/ncftp/cmds.c:2437:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(buf); data/ncftp-3.2.5/ncftp/cmds.c:2664:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((strlen(cp) >= 2) && (isalpha((int) cp[0])) && (cp[1] == ':')) data/ncftp-3.2.5/ncftp/cmds.c:2852:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, '*', strlen(opt.arg)); data/ncftp-3.2.5/ncftp/cmds.c:3198:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newname[strlen(newname) - 1] = '\0'; data/ncftp-3.2.5/ncftp/cmds.c:3829:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(rdir1); data/ncftp-3.2.5/ncftp/cmds.c:3839:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(ldir1); data/ncftp-3.2.5/ncftp/cmds.c:4205:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(rdir1); data/ncftp-3.2.5/ncftp/cmds.c:4215:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(ldir1); data/ncftp-3.2.5/ncftp/gl_getline.c:59:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # define read _read data/ncftp-3.2.5/ncftp/gl_getline.c:174:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
gl_strlen_proc gl_strlen = (gl_strlen_proc) strlen; data/ncftp-3.2.5/ncftp/gl_getline.c:384:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((c = (int) read(0, &ch, (read_size_t) 1)) == -1) { data/ncftp-3.2.5/ncftp/gl_getline.c:455:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = (int) read(0, &ch, (read_size_t) 1); data/ncftp-3.2.5/ncftp/gl_getline.c:546:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (write_size_t) strlen(buf); data/ncftp-3.2.5/ncftp/gl_getline.c:555:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (write_size_t) strlen(buf); data/ncftp-3.2.5/ncftp/gl_getline.c:564:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write_size_t len = (write_size_t) strlen(buf); data/ncftp-3.2.5/ncftp/gl_getline.c:651:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (sizeof(path) >= (strlen(gl_home_dir) + strlen("/.inputrc"))) data/ncftp-3.2.5/ncftp/gl_getline.c:651:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (sizeof(path) >= (strlen(gl_home_dir) + strlen("/.inputrc"))) data/ncftp-3.2.5/ncftp/gl_getline.c:777:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
vi_countbuf[strlen(vi_countbuf)] = (char) c; data/ncftp-3.2.5/ncftp/gl_getline.c:851:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). loc = (int) strlen(gl_buf); data/ncftp-3.2.5/ncftp/gl_getline.c:1148:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int) strlen(gl_killbuf); data/ncftp-3.2.5/ncftp/gl_getline.c:1204:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int) strlen(gl_buf); data/ncftp-3.2.5/ncftp/gl_getline.c:1244:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((pos < gl_cnt) && (strlen(gl_buf + pos) < sizeof(gl_killbuf))) { data/ncftp-3.2.5/ncftp/gl_getline.c:1361:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(last_prompt, prompt, sizeof(last_prompt) - 1); data/ncftp-3.2.5/ncftp/gl_getline.c:1380:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gl_cnt = (int) strlen(gl_buf); data/ncftp-3.2.5/ncftp/gl_getline.c:1462:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int) strlen(buf); data/ncftp-3.2.5/ncftp/gl_getline.c:1528:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = (int) strlen(buf); data/ncftp-3.2.5/ncftp/gl_getline.c:1531:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((prev == 0) || ((int) strlen(prev) != len) || data/ncftp-3.2.5/ncftp/gl_getline.c:1585:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(p); data/ncftp-3.2.5/ncftp/gl_getline.c:1590:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(s, p, len-1); data/ncftp-3.2.5/ncftp/gl_getline.c:1873:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). imaxlen = strlen(gl_matchlist[0]); data/ncftp-3.2.5/ncftp/gl_getline.c:1875:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ilen = strlen(gl_matchlist[i]); data/ncftp-3.2.5/ncftp/gl_getline.c:1912:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lim = cp1 + (int) strlen(itemp); data/ncftp-3.2.5/ncftp/gl_getline.c:1967:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). llen = strlen(buf); data/ncftp-3.2.5/ncftp/gl_getline.c:2087:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (glen = strlen(matchpfx); ; glen++) { data/ncftp-3.2.5/ncftp/gl_getline.c:2116:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). amt = strlen(strtoadd); data/ncftp-3.2.5/ncftp/gl_getline.c:2217:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gl_home_dir = (char *) malloc(strlen(homepath) + 1); data/ncftp-3.2.5/ncftp/gl_getline.c:2227:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(homedrive) + strlen(homepath) + 1; data/ncftp-3.2.5/ncftp/gl_getline.c:2227:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(homedrive) + strlen(homepath) + 1; data/ncftp-3.2.5/ncftp/gl_getline.c:2238:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant character. (void) strncpy(wdir, ".", sizeof(wdir)); data/ncftp-3.2.5/ncftp/gl_getline.c:2261:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(homedir) + /* NUL */ 1; data/ncftp-3.2.5/ncftp/gl_getline.c:2384:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(start) + 1; data/ncftp-3.2.5/ncftp/gl_getline.c:2408:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filepfxlen = strlen(filepfx); data/ncftp-3.2.5/ncftp/gl_getline.c:2430:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cp + 1) + /* NUL */ 1; data/ncftp-3.2.5/ncftp/gl_getline.c:2431:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len2 = strlen(gl_home_dir); data/ncftp-3.2.5/ncftp/gl_getline.c:2455:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name); data/ncftp-3.2.5/ncftp/gl_getline.c:2512:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(start) + 1; data/ncftp-3.2.5/ncftp/gl_getline.c:2531:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(dirtoopen); data/ncftp-3.2.5/ncftp/gl_getline.c:2558:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filepfxlen = strlen(filepfx); data/ncftp-3.2.5/ncftp/gl_getline.c:2573:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(name); data/ncftp-3.2.5/ncftp/gl_getline.c:2614:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ch = (char) cp[strlen(cp) + 2]; data/ncftp-3.2.5/ncftp/gl_getline.c:2619:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cp + 1) + /* NUL */ 1; data/ncftp-3.2.5/ncftp/gl_getline.c:2620:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len2 = strlen(gl_home_dir); data/ncftp-3.2.5/ncftp/log.c:101:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fat -= (long) strlen(str); data/ncftp-3.2.5/ncftp/log.c:112:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fat += (long) strlen(str); data/ncftp-3.2.5/ncftp/log.c:126:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (siteline[strlen(siteline) - 1] == '\n') data/ncftp-3.2.5/ncftp/log.c:127:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). siteline[strlen(siteline) - 1] = '\0'; data/ncftp-3.2.5/ncftp/log.c:128:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (siteline[strlen(siteline) - 1] =='\r') data/ncftp-3.2.5/ncftp/log.c:129:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). siteline[strlen(siteline) - 1] = '\0'; data/ncftp-3.2.5/ncftp/ls.c:756:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(cp); data/ncftp-3.2.5/ncftp/ls.c:759:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(fip->relname); data/ncftp-3.2.5/ncftp/ls.c:776:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fil.maxPlugLen = strlen("---------- 1 user group"); data/ncftp-3.2.5/ncftp/main.c:447:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, '*', strlen(opt.arg)); data/ncftp-3.2.5/ncftp/main.c:451:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, '*', strlen(opt.arg)); data/ncftp-3.2.5/ncftp/main.c:455:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, '*', strlen(opt.arg)); data/ncftp-3.2.5/ncftp/progress.c:96:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((cip->usingTAR) && (strlen(localName) < (sizeof(localName) - 6))) { data/ncftp-3.2.5/ncftp/progress.c:128:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((cip->usingTAR) && (strlen(localName) < (sizeof(localName) - 6))) { data/ncftp-3.2.5/ncftp/progress.c:168:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = (int) strlen(line); i < 80 - 2; i++) data/ncftp-3.2.5/ncftp/progress.c:326:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = (int) strlen(line); i < 80 - 2; i++) data/ncftp-3.2.5/ncftp/readln.c:140:10: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (getc(infp) != EOF) {} data/ncftp-3.2.5/ncftp/readln.c:333:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tbnlen = strlen(textbasename); data/ncftp-3.2.5/ncftp/readln.c:341:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (text[strlen(text) - 1] == '/') { data/ncftp-3.2.5/ncftp/readln.c:375:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). flen = strlen(diritemp->relname); data/ncftp-3.2.5/ncftp/readln.c:440:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
textlen = strlen(text); data/ncftp-3.2.5/ncftp/readln.c:469:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). textlen = strlen(text); data/ncftp-3.2.5/ncftp/readln.c:503:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). textlen = strlen(text); data/ncftp-3.2.5/ncftp/readln.c:701:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = line + strlen(line) - 1; data/ncftp-3.2.5/ncftp/shell.c:598:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). llen = strlen(lineRead) + 1; data/ncftp-3.2.5/ncftp/spoolutil.c:178:7: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). um = umask(077); data/ncftp-3.2.5/ncftp/spoolutil.c:180:9: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). (void) umask(um); data/ncftp-3.2.5/ncftp/spoolutil.c:205:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ToBase64(pass + kPasswordMagicLen, passclear, strlen(passclear), 1); data/ncftp-3.2.5/ncftp/syshdrs.h:84:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # define read _read data/ncftp-3.2.5/ncftp/util.c:231:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ulen = strlen(url); data/ncftp-3.2.5/ncftp/util.c:236:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(dst, startdir, strlen(startdir)) == 0) { data/ncftp-3.2.5/ncftp/util.c:238:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(dst, dst + strlen(startdir), strlen(dst) - strlen(startdir) + 1); data/ncftp-3.2.5/ncftp/util.c:238:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(dst, dst + strlen(startdir), strlen(dst) - strlen(startdir) + 1); data/ncftp-3.2.5/ncftp/util.c:238:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(dst, dst + strlen(startdir), strlen(dst) - strlen(startdir) + 1); data/ncftp-3.2.5/ncftp/util.c:249:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(dst + 4, dst + 1, strlen(dst + 1)); data/ncftp-3.2.5/ncftp/util.c:272:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int) strlen(src); data/ncftp-3.2.5/ncftp/util.c:899:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void) strncpy(sa, a, n); data/ncftp-3.2.5/ncftp/util.c:900:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
(void) strncpy(sb, b, n); data/ncftp-3.2.5/ncftp/util.c:914:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void) strncpy(ma, a, n); data/ncftp-3.2.5/ncftp/util.c:915:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void) strncpy(mb, b, n); data/ncftp-3.2.5/ncftp/util.c:977:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (reason[strlen(reason) - 1] == '\n') data/ncftp-3.2.5/ncftp/util.c:978:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). reason[strlen(reason) - 1] = '\0'; data/ncftp-3.2.5/sh_util/gpshare.c:148:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = (int) strlen(line); i < 80 - 2; i++) data/ncftp-3.2.5/sh_util/gpshare.c:294:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = (int) strlen(line); i < 80 - 2; i++) data/ncftp-3.2.5/sh_util/gpshare.c:372:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = line + strlen(line) - 1; data/ncftp-3.2.5/sh_util/gpshare.c:616:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strncasecmp(src, gUsrBinFTPCommands[i], strlen(gUsrBinFTPCommands[i])) == 0) { data/ncftp-3.2.5/sh_util/gpshare.c:618:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). skip = strlen(gUsrBinFTPCommands[i]); data/ncftp-3.2.5/sh_util/ncftpbatch.c:262:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = gStatusText + strlen(gStatusText) - 1; data/ncftp-3.2.5/sh_util/ncftpbatch.c:511:2: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(077); data/ncftp-3.2.5/sh_util/ncftpbatch.c:792:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp += strlen(cp) - 1; data/ncftp-3.2.5/sh_util/ncftpbatch.c:796:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp += strlen(cp) - 1; data/ncftp-3.2.5/sh_util/ncftpbatch.c:943:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) PWrite(pfd[1], (const char *) addstr, strlen(addstr)); data/ncftp-3.2.5/sh_util/ncftpbatch.c:1143:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FromBase64(line, gRPass + kPasswordMagicLen, strlen(gRPass + kPasswordMagicLen), 1); data/ncftp-3.2.5/sh_util/ncftpbatch.c:1922:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memmove(cp + 2, cp, strlen(cp) + 2); data/ncftp-3.2.5/sh_util/ncftpbatch.c:1924:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(cp + 1, cp, strlen(cp) + 1); data/ncftp-3.2.5/sh_util/ncftpbatch.c:1926:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(cp + 1, cp, strlen(cp) + 1); data/ncftp-3.2.5/sh_util/ncftpbatch.c:1946:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(gStatusText, gStatusText + 7, strlen(gStatusText) + 7); data/ncftp-3.2.5/sh_util/ncftpget.c:491:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.user)); data/ncftp-3.2.5/sh_util/ncftpget.c:496:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.acct)); data/ncftp-3.2.5/sh_util/ncftpget.c:504:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.pass)); data/ncftp-3.2.5/sh_util/ncftpget.c:509:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memset(opt.arg, 0, strlen(fi.user)); data/ncftp-3.2.5/sh_util/ncftpls.c:49:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t sdlen = strlen(subdir); data/ncftp-3.2.5/sh_util/ncftpls.c:165:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sdlen = strlen(startdir); data/ncftp-3.2.5/sh_util/ncftpls.c:501:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.user)); data/ncftp-3.2.5/sh_util/ncftpls.c:506:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.acct)); data/ncftp-3.2.5/sh_util/ncftpls.c:514:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.pass)); data/ncftp-3.2.5/sh_util/ncftpls.c:519:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.user)); data/ncftp-3.2.5/sh_util/ncftpls.c:730:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
} else if ((tryMLSD == 0) && (coloncp != NULL) && (strlen(coloncp) > 4) && (strncmp(coloncp + 3, "ermission denied", strlen("ermission denied")) == 0)) { data/ncftp-3.2.5/sh_util/ncftpls.c:730:125: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if ((tryMLSD == 0) && (coloncp != NULL) && (strlen(coloncp) > 4) && (strncmp(coloncp + 3, "ermission denied", strlen("ermission denied")) == 0)) { data/ncftp-3.2.5/sh_util/ncftpput.c:469:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.user)); data/ncftp-3.2.5/sh_util/ncftpput.c:474:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.acct)); data/ncftp-3.2.5/sh_util/ncftpput.c:482:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.pass)); data/ncftp-3.2.5/sh_util/ncftpput.c:487:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(opt.arg, 0, strlen(fi.user)); data/ncftp-3.2.5/sh_util/syshdrs.h:82:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # define read _read data/ncftp-3.2.5/sio/DNSUtil.c:9:23: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
# define STRNCPY(a,b) strncpy(a, b, sizeof(a)); a[sizeof(a) - 1] = '\0' data/ncftp-3.2.5/sio/DNSUtil.c:10:25: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). # define Strncpy(a,b,s) strncpy(a, b, s); a[s - 1] = '\0' data/ncftp-3.2.5/sio/DNSUtil.c:13:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t alen = strlen(a); \ data/ncftp-3.2.5/sio/DNSUtil.c:15:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(a + alen, b, s - alen); \ data/ncftp-3.2.5/sio/DNSUtil.c:589:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = domain + strlen(domain) - 1; data/ncftp-3.2.5/sio/DNSUtil.c:593:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dcp = host + strlen(host); data/ncftp-3.2.5/sio/PRead.c:34:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(sfd, buf, nleft); data/ncftp-3.2.5/sio/SRead.c:102:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nread = read(sfd, (char *) buf, nleft); data/ncftp-3.2.5/sio/StrAddr.c:36:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, s, sizeof(str) - 1); data/ncftp-3.2.5/sio/StrAddr.c:164:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(dst, sp->s_name, dsize); data/ncftp-3.2.5/sio/StrAddr.c:197:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void) strncpy(dst, cp, siz - 1); data/ncftp-3.2.5/sio/StrAddr.c:215:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(portstr, s, sizeof(portstr)); data/ncftp-3.2.5/sio/UNew.c:20:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(uaddr->sun_path, sockfile, sizeof(uaddr->sun_path) - 1); data/ncftp-3.2.5/sio/UNew.c:23:81: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ualen = (int) sizeof(uaddr->sun_len) + (int) sizeof(uaddr->sun_family) + (int) strlen(uaddr->sun_path) + 1; data/ncftp-3.2.5/sio/UNew.c:26:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ualen = (int) sizeof(uaddr->sun_family) + (int) strlen(uaddr->sun_path) + 1; data/ncftp-3.2.5/sio/syshdrs.h:57:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). # define read _read data/ncftp-3.2.5/vis/wgets.c:354:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gBufLen = strlen(gDst); data/ncftp-3.2.5/vis/wgets.c:394:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
gBufLen = strlen(gDst); data/ncftp-3.2.5/vis/wgets.c:521:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gBufLen = strlen(gBufPtr); data/ncftp-3.2.5/vis/wutil.c:93:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(tty, &junk, 1); data/ncftp-3.2.5/vis/wutil.c:292:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). x = (maxx - (int) strlen(str)) / 2; data/ncftp-3.2.5/vis/wutil.c:389:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (void) write(1, buf, strlen(buf)); data/ncftp-3.2.5/win/bmed/bmed.cpp:113:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, (LPCSTR) m_selectedBookmarkName, sizeof(str)); data/ncftp-3.2.5/win/bmed/bookmark.c:241:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FromBase64(pass, bmp->pass + kPasswordMagicLen, strlen(bmp->pass + kPasswordMagicLen), 1); data/ncftp-3.2.5/win/bmed/bookmark.c:421:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bmabbrLen = strlen(bmabbr); data/ncftp-3.2.5/win/bmed/bookmark.c:625:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
ToBase64(pass + kPasswordMagicLen, bmp->pass, strlen(bmp->pass), 1); data/ncftp-3.2.5/win/bmed/bookmark.c:782:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(bmAbbr); data/ncftp-3.2.5/win/bmed/util.c:169:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int) strlen(src); data/ncftp-3.2.5/win/bmed/util.c:450:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nlptr = cp + strlen(cp) - 1; data/ncftp-3.2.5/win/bmed/util.c:571:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). (void) strncpy(s, newdir, sizeof(s)); ANALYSIS SUMMARY: Hits = 1291 Lines analyzed = 52979 in approximately 1.34 seconds (39404 lines/second) Physical Source Lines of Code (SLOC) = 40742 Hits@level = [0] 589 [1] 262 [2] 780 [3] 43 [4] 198 [5] 8 Hits@level+ = [0+] 1880 [1+] 1291 [2+] 1029 [3+] 249 [4+] 206 [5+] 8 Hits/KSLOC@level+ = [0+] 46.144 [1+] 31.6872 [2+] 25.2565 [3+] 6.11163 [4+] 5.05621 [5+] 0.196358 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
Triage note: Flawfinder matches risky function names lexically and does not follow data flow, so the level-1 strlen, strncpy and read hits listed above are prompts to confirm NUL-termination and bounds at each call site rather than confirmed defects; the umask(077) hits, for instance, already pass the restrictive value the rule asks for. Review effort is better spent first on the 8 level-5 and 198 level-4 hits counted in the summary, and on the strncpy calls bounded by the full sizeof of the destination, which are safe only if the code terminates the buffer explicitly afterwards.