Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.h
Examining data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c
Examining data/openarena-0.8.8+dfsg/code/tools/asm/mathlib.h
Examining data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c
Examining data/openarena-0.8.8+dfsg/code/tools/asm/opstrings.h
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_kick.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_display.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_rankings.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_playersettings.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_timelimit.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_serverinfo.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_atoms.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_main.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyleague.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_spreset.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_qmenu.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_removebots.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_sound.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_network.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_custom.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_confirm.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_map.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_fraglimit.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_password.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_loadconfig.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_challenges.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_signup.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_demo2.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_login.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_cinematics.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_addbots.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_spskill.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_saveconfig.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_team.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyserver.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_sparena.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_connect.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_options.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_gametype.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_credits.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_cdkey.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_setup.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_ingame.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_menu.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_firstconnect.c
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_local.h
Examining data/openarena-0.8.8+dfsg/code/q3_ui/ui_preferences.c
Examining data/openarena-0.8.8+dfsg/code/renderer/tr_types.h
Examining data/openarena-0.8.8+dfsg/code/qcommon/qcommon.h
Examining data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h
Examining data/openarena-0.8.8+dfsg/code/qcommon/q_math.c
Examining data/openarena-0.8.8+dfsg/code/qcommon/surfaceflags.h
Examining data/openarena-0.8.8+dfsg/code/qcommon/q_platform.h
Examining data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h
Examining data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c
Examining data/openarena-0.8.8+dfsg/code/game/g_client.c
Examining data/openarena-0.8.8+dfsg/code/game/bg_alloc.c
Examining data/openarena-0.8.8+dfsg/code/game/g_syscalls.c
Examining data/openarena-0.8.8+dfsg/code/game/g_local.h
Examining data/openarena-0.8.8+dfsg/code/game/ai_cmd.c
Examining data/openarena-0.8.8+dfsg/code/game/syn.h
Examining data/openarena-0.8.8+dfsg/code/game/g_arenas.c
Examining data/openarena-0.8.8+dfsg/code/game/ai_cmd.h
Examining data/openarena-0.8.8+dfsg/code/game/g_rankings.c
Examining data/openarena-0.8.8+dfsg/code/game/g_mem.c
Examining data/openarena-0.8.8+dfsg/code/game/g_rankings.h
Examining data/openarena-0.8.8+dfsg/code/game/g_public.h
Examining data/openarena-0.8.8+dfsg/code/game/g_bot.c
Examining data/openarena-0.8.8+dfsg/code/game/g_weapon.c
Examining data/openarena-0.8.8+dfsg/code/game/g_misc.c
Examining data/openarena-0.8.8+dfsg/code/game/chars.h
Examining data/openarena-0.8.8+dfsg/code/game/bg_local.h
Examining data/openarena-0.8.8+dfsg/code/game/ai_dmq3.h
Examining data/openarena-0.8.8+dfsg/code/game/g_vote.c
Examining data/openarena-0.8.8+dfsg/code/game/g_team.c
Examining data/openarena-0.8.8+dfsg/code/game/ai_main.c
Examining data/openarena-0.8.8+dfsg/code/game/g_spawn.c
Examining data/openarena-0.8.8+dfsg/code/game/bg_slidemove.c
Examining data/openarena-0.8.8+dfsg/code/game/g_killspree.c
Examining data/openarena-0.8.8+dfsg/code/game/g_team.h
Examining data/openarena-0.8.8+dfsg/code/game/ai_main.h
Examining data/openarena-0.8.8+dfsg/code/game/g_killspree.h
Examining data/openarena-0.8.8+dfsg/code/game/g_svcmds.c
Examining data/openarena-0.8.8+dfsg/code/game/challenges.h
Examining data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c
Examining data/openarena-0.8.8+dfsg/code/game/g_playerstore.c
Examining data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c
Examining data/openarena-0.8.8+dfsg/code/game/g_svcmds_ext.c
Examining data/openarena-0.8.8+dfsg/code/game/ai_dmnet.h
Examining data/openarena-0.8.8+dfsg/code/game/g_session.c
Examining data/openarena-0.8.8+dfsg/code/game/g_unlagged.c
Examining data/openarena-0.8.8+dfsg/code/game/g_target.c
Examining data/openarena-0.8.8+dfsg/code/game/g_mover.c
Examining data/openarena-0.8.8+dfsg/code/game/g_admin.c
Examining data/openarena-0.8.8+dfsg/code/game/ai_team.c
Examining data/openarena-0.8.8+dfsg/code/game/match.h
Examining data/openarena-0.8.8+dfsg/code/game/inv.h
Examining data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c
Examining data/openarena-0.8.8+dfsg/code/game/g_admin.h
Examining data/openarena-0.8.8+dfsg/code/game/ai_team.h
Examining data/openarena-0.8.8+dfsg/code/game/g_utils.c
Examining data/openarena-0.8.8+dfsg/code/game/ai_vcmd.h
Examining data/openarena-0.8.8+dfsg/code/game/g_fileops.c
Examining data/openarena-0.8.8+dfsg/code/game/g_trigger.c
Examining data/openarena-0.8.8+dfsg/code/game/g_missile.c
Examining data/openarena-0.8.8+dfsg/code/game/bg_lib.c
Examining data/openarena-0.8.8+dfsg/code/game/bg_lib.h
Examining data/openarena-0.8.8+dfsg/code/game/ai_chat.c
Examining data/openarena-0.8.8+dfsg/code/game/ai_chat.h
Examining data/openarena-0.8.8+dfsg/code/game/g_cmds.c
Examining data/openarena-0.8.8+dfsg/code/game/g_main.c
Examining data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c
Examining data/openarena-0.8.8+dfsg/code/game/bg_misc.c
Examining data/openarena-0.8.8+dfsg/code/game/bg_pmove.c
Examining data/openarena-0.8.8+dfsg/code/game/bg_public.h
Examining data/openarena-0.8.8+dfsg/code/game/g_active.c
Examining data/openarena-0.8.8+dfsg/code/game/g_combat.c
Examining data/openarena-0.8.8+dfsg/code/game/g_items.c
Examining data/openarena-0.8.8+dfsg/code/botlib/l_libvar.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_ea.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_ai_char.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_ai_chat.h
Examining data/openarena-0.8.8+dfsg/code/botlib/l_struct.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_move.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_ai_goal.h
Examining data/openarena-0.8.8+dfsg/code/botlib/aasfile.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_interface.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_funcs.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_file.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_ai_weap.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_bsp.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_main.h
Examining data/openarena-0.8.8+dfsg/code/botlib/l_script.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_ai_gen.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_routealt.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_optimize.h
Examining data/openarena-0.8.8+dfsg/code/botlib/l_log.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_entity.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_ai_weight.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas.h
Examining data/openarena-0.8.8+dfsg/code/botlib/l_utils.h
Examining data/openarena-0.8.8+dfsg/code/botlib/botlib.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_cluster.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_sample.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_reach.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_debug.h
Examining data/openarena-0.8.8+dfsg/code/botlib/l_precomp.h
Examining data/openarena-0.8.8+dfsg/code/botlib/l_crc.h
Examining data/openarena-0.8.8+dfsg/code/botlib/l_memory.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_ai_move.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_def.h
Examining data/openarena-0.8.8+dfsg/code/botlib/be_aas_route.h
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_playerstate.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_particles.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_unlagged.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_predict.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_info.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_syscalls.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_local.h
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_snapshot.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_challenges.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_ents.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_view.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_marks.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_drawtools.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_players.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_effects.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_event.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_public.h
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_scoreboard.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_localents.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_main.c
Examining data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c
Examining data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c
Examining data/openarena-0.8.8+dfsg/code/ui/ui_public.h
Examining data/openarena-0.8.8+dfsg/code/ui/ui_main.c
Examining data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c
Examining data/openarena-0.8.8+dfsg/code/ui/ui_shared.c
Examining data/openarena-0.8.8+dfsg/code/ui/ui_shared.h
Examining data/openarena-0.8.8+dfsg/code/ui/ui_syscalls.c
Examining data/openarena-0.8.8+dfsg/code/ui/ui_players.c
Examining data/openarena-0.8.8+dfsg/code/ui/ui_local.h
Examining data/openarena-0.8.8+dfsg/code/client/keycodes.h
Examining data/openarena-0.8.8+dfsg/ui/menudef.h

FINAL RESULTS:

data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:645:2: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  strncat(fn, filename, sizeof(fn)-1);
data/openarena-0.8.8+dfsg/code/cgame/cg_event.c:115:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( targetName, S_COLOR_WHITE );
data/openarena-0.8.8+dfsg/code/cgame/cg_event.c:245:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( attackerName, S_COLOR_WHITE );
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:792:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buf, wp->name);
data/openarena-0.8.8+dfsg/code/game/ai_main.c:291:33: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (BotTeam(bs) == TEAM_RED) strcpy(flagstatus, S_COLOR_RED"F ");
data/openarena-0.8.8+dfsg/code/game/ai_main.c:292:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(flagstatus, S_COLOR_BLUE"F ");
data/openarena-0.8.8+dfsg/code/game/ai_main.c:297:33: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (BotTeam(bs) == TEAM_RED) strcpy(flagstatus, S_COLOR_RED"F ");
data/openarena-0.8.8+dfsg/code/game/ai_main.c:298:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  else strcpy(flagstatus, S_COLOR_BLUE"F ");
data/openarena-0.8.8+dfsg/code/game/ai_team.c:240:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ctftaskpreferences[teammate].name, teammatename);
data/openarena-0.8.8+dfsg/code/game/bg_lib.c:198:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  char *strcat( char *strDestination, const char *strSource ) {
data/openarena-0.8.8+dfsg/code/game/bg_lib.c:212:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  char *strcpy( char *strDestination, const char *strSource ) {
data/openarena-0.8.8+dfsg/code/game/bg_lib.c:2102:5: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  int sscanf( const char *buffer, const char *fmt, ... ) {
data/openarena-0.8.8+dfsg/code/game/bg_lib.h:87:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  char *strcat( char *strDestination, const char *strSource );
data/openarena-0.8.8+dfsg/code/game/bg_lib.h:88:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  char *strcpy( char *strDestination, const char *strSource );
data/openarena-0.8.8+dfsg/code/game/bg_lib.h:105:93: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  int Q_snprintf( char *buffer, size_t length, const char *fmt, ... ) __attribute__ ((format (printf, 3, 4)));
data/openarena-0.8.8+dfsg/code/game/bg_lib.h:107:5: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  int sscanf( const char *buffer, const char *fmt, ... ) __attribute__ ((format (scanf, 2, 3)));
data/openarena-0.8.8+dfsg/code/game/bg_lib.h:107:80: [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  int sscanf( const char *buffer, const char *fmt, ... ) __attribute__ ((format (scanf, 2, 3)));
data/openarena-0.8.8+dfsg/code/game/g_arenas.c:133:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( msg, buf );
data/openarena-0.8.8+dfsg/code/game/g_bot.c:116:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infos[count], info);
data/openarena-0.8.8+dfsg/code/game/g_bot.c:181:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, dirptr);
data/openarena-0.8.8+dfsg/code/game/g_bot.c:784:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(name, Info_ValueForKey( g_botInfos[i], "name" ));
data/openarena-0.8.8+dfsg/code/game/g_bot.c:788:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(funname, Info_ValueForKey( g_botInfos[i], "funname" ));
data/openarena-0.8.8+dfsg/code/game/g_bot.c:792:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(model, Info_ValueForKey( g_botInfos[i], "model" ));
data/openarena-0.8.8+dfsg/code/game/g_bot.c:796:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(aifile, Info_ValueForKey( g_botInfos[i], "aifile"));
data/openarena-0.8.8+dfsg/code/game/g_bot.c:925:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, dirptr);
data/openarena-0.8.8+dfsg/code/game/g_client.c:1360:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(c1, Info_ValueForKey( userinfo, "color1" ));
data/openarena-0.8.8+dfsg/code/game/g_client.c:1361:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(c2, Info_ValueForKey( userinfo, "color2" ));
data/openarena-0.8.8+dfsg/code/game/g_client.c:1364:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(redTeam, Info_ValueForKey( userinfo, "g_redteam" ));
data/openarena-0.8.8+dfsg/code/game/g_client.c:1365:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(blueTeam, Info_ValueForKey( userinfo, "g_blueteam" ));
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:101:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string + stringlength, entry);
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:159:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string + stringlength, entry);
data/openarena-0.8.8+dfsg/code/game/g_team.c:1750:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (string + stringlength, entry);
data/openarena-0.8.8+dfsg/code/game/g_utils.c:44:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(remappedShaders[i].newShader,newShader);
data/openarena-0.8.8+dfsg/code/game/g_utils.c:50:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(remappedShaders[remapCount].newShader,newShader);
data/openarena-0.8.8+dfsg/code/game/g_utils.c:51:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(remappedShaders[remapCount].oldShader,oldShader);
data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c:742:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat( name, name2 );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c:803:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( s_controls.playerModel, buf );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:128:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(infos[count], info);
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:196:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, dirptr);
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:383:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, dirptr);
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:340:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(s_playermodel.modelskin,pdest + 5);
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:486:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(modelskin,pdest + 5);
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:91:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( path, item->world_model[0] );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:97:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( path, item->world_model[0] );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playersettings.c:261:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( s_playersettings.playerModel, buf );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_qmenu.c:146:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buff,t->generic.name);
data/openarena-0.8.8+dfsg/code/q3_ui/ui_qmenu.c:150:3: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(buff,t->string);
data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:968:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( g_arenaservers.favoriteaddresses[g_numfavoriteservers], adrstr );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1157:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( adrstr, g_arenaservers.favoriteaddresses[g_arenaservers.currentping] );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1162:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( g_arenaservers.pinglist[j].adrstr, adrstr );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyserver.c:81:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buff,s_specifyserver.domain.field.buffer);
data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:237:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( levelMenuInfo.levelPicNames[n], va( "levelshots/%s.tga", map ) );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:239:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( levelMenuInfo.levelPicNames[n], ART_MAP_UNKNOWN );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1499:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( s_serveroptions.mapnamebuffer, s_startserver.mapname.string );
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1221:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (start, s); // remove this part
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1288:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (newi, s);
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1289:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (s, newi);
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1328:2: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (s, newi);
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:135:22: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define Q_snprintf _snprintf
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:137:23: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define Q_vsnprintf vsnprintf
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:138:22: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define Q_snprintf snprintf
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:641:66: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void COM_ParseError( char *format, ... ) __attribute__ ((format (printf, 1, 2)));
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:642:68: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void COM_ParseWarning( char *format, ... ) __attribute__ ((format (printf, 1, 2)));
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:676:93: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Com_sprintf (char *dest, int size, const char *fmt, ...) __attribute__ ((format (printf, 3, 4)));
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:780:60: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  char * QDECL va(char *format, ...) __attribute__ ((format (printf, 1, 2)));
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:799:83: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Com_Error( int level, const char *error, ... ) __attribute__ ((format (printf, 2, 3))) __attribute__((noreturn));
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:800:71: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Com_Printf( const char *msg, ... ) __attribute__ ((format (printf, 1, 2)));
data/openarena-0.8.8+dfsg/code/qcommon/qcommon.h:166:117: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL NET_OutOfBandPrint( netsrc_t net_socket, netadr_t adr, const char *format, ...) __attribute__ ((format (printf, 3, 4)));
data/openarena-0.8.8+dfsg/code/qcommon/qcommon.h:648:87: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL FS_Printf( fileHandle_t f, const char *fmt, ... ) __attribute__ ((format (printf, 2, 3)));
data/openarena-0.8.8+dfsg/code/qcommon/qcommon.h:773:73: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Com_Printf( const char *fmt, ... ) __attribute__ ((format (printf, 1, 2)));
data/openarena-0.8.8+dfsg/code/qcommon/qcommon.h:774:74: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Com_DPrintf( const char *fmt, ... ) __attribute__ ((format (printf, 1, 2)));
data/openarena-0.8.8+dfsg/code/qcommon/qcommon.h:775:82: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Com_Error( int code, const char *fmt, ... ) __attribute__ ((format (printf, 2, 3)));
data/openarena-0.8.8+dfsg/code/qcommon/qcommon.h:1020:71: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void QDECL Sys_Error( const char *error, ...) __attribute__ ((format (printf, 1, 2)));
data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:91:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (filename, "%s%s", filebase, fileinfo.name);
data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:126:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf (text, error,argptr);
data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:129:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
sprintf (text2, "%s\nGetLastError() = %i", text, err); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:150:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf (error,argptr); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:167:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf (format,argptr); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:185:2: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf (text, format, argptr); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:188:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(text); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:231:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (temp, path); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:280:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( writedir, gamedir ); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:305:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (full, path); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:308:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (full, path); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:318:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( full, path ); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:321:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (full, "%s%s", qdir, path); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:331:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( full, path ); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:334:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (full, "%s%s", gamedir, path); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:347:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (archivename, "%s/%s", archivedir, path); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:358:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (b, s); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:823:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (path, extension); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:833:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (temp,path); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:834:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (path,basepath); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:835:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat (path,temp); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:924:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (dest,src); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:233:10: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. return vprintf(fmt, vp); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:495:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf( fmt,argptr ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:547:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( expanded, "%s_%i", sym, currentFileIndex ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:603:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( expanded, "%s_%i", sym, currentFileIndex ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:925:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( name, token ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1070:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( name, token ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1319:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( imageName, outputFilename ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1353:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( imageName, outputFilename ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1432:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( filename, asmFileNames[ i ] ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1495:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( expanded, filename ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1509:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( outputFilename, com_token ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1568:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( outputFilename, argv[ i+1 ] ); data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:95:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(infos[count], info); data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:162:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(filename, dirptr); data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:285:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(filename, dirptr); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:999:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(lastName, menu->window.name); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1290:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(model, UI_Cvar_VariableString("model")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1291:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(head, UI_Cvar_VariableString("headmodel")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1299:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(team, UI_Cvar_VariableString("ui_teamName")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1300:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(model, UI_Cvar_VariableString("team_model")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1301:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(head, UI_Cvar_VariableString("team_headmodel")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1332:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(model, UI_Cvar_VariableString("model")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1333:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(head, UI_Cvar_VariableString("headmodel")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1341:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(team, UI_Cvar_VariableString("ui_teamName")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1342:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(model, UI_Cvar_VariableString("team_model")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1343:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(head, UI_Cvar_VariableString("team_headmodel")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1543:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(model, UI_Cvar_VariableString("ui_opponentModel")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1544:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(headmodel, UI_Cvar_VariableString("ui_opponentModel")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1572:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(model, UI_Cvar_VariableString("ui_opponentModel")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1573:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(headmodel, UI_Cvar_VariableString("ui_opponentModel")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3565:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buff, orders); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3574:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buff, orders); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3602:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buff, orders); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5604:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(text, va("Connecting to %s", cstate.servername)); data/openarena-0.8.8+dfsg/code/ui/ui_players.c:92:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( path, item->world_model[0] ); data/openarena-0.8.8+dfsg/code/ui/ui_players.c:98:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( path, item->world_model[0] ); data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:190:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&strPool[strPoolIndex], p); data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3370:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat( g_nameBind1, g_nameBind2 ); data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:464:36: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). 
Use a more secure technique for acquiring random values. cg.headEndTime = cg.time + 100 + random() * 2000; data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:471:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cg.headEndTime = cg.time + 100 + random() * 2000; data/openarena-0.8.8+dfsg/code/cgame/cg_effects.c:64:34: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = cg.time + 1000 + random() * 250; data/openarena-0.8.8+dfsg/code/cgame/cg_effects.c:634:39: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + 5000 + random() * 3000; data/openarena-0.8.8+dfsg/code/cgame/cg_effects.c:761:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + 10000 + random() * 6000; data/openarena-0.8.8+dfsg/code/cgame/cg_localents.c:197:81: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( cgs.media.bloodMarkShader, trace->endpos, trace->plane.normal, random()*360, data/openarena-0.8.8+dfsg/code/cgame/cg_localents.c:202:80: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
CG_ImpactMark( cgs.media.burnMarkShader, trace->endpos, trace->plane.normal, random()*360, data/openarena-0.8.8+dfsg/code/cgame/cg_localents.c:286:77: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( cgs.media.lbldShader2, trace->endpos, trace->plane.normal, random()*360, data/openarena-0.8.8+dfsg/code/cgame/cg_localents.c:839:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->angles.trBase[0] = random() * 360; data/openarena-0.8.8+dfsg/code/cgame/cg_localents.c:840:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->angles.trBase[1] = random() * 360; data/openarena-0.8.8+dfsg/code/cgame/cg_localents.c:841:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->angles.trBase[2] = random() * 360; data/openarena-0.8.8+dfsg/code/cgame/cg_marks.c:1987:18: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rndSize = 0.4 + random()*0.6; data/openarena-0.8.8+dfsg/code/cgame/cg_marks.c:2217:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
p->vel[2] = random()*20; data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:299:36: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cg.headEndTime = cg.time + 100 + random() * 2000; data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:306:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. cg.headEndTime = cg.time + 100 + random() * 2000; data/openarena-0.8.8+dfsg/code/cgame/cg_particles.c:1729:18: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rndSize = 0.4 + random()*0.6; data/openarena-0.8.8+dfsg/code/cgame/cg_particles.c:1959:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. p->vel[2] = random()*20; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:907:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rnd = random() * voiceChatList->voiceChats[i].numSounds; data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:52:86: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
le->endTime = le->startTime + cg_brassTime.integer + ( cg_brassTime.integer / 4 ) * random(); data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:133:81: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. le->endTime = le->startTime + cg_brassTime.integer*3 + cg_brassTime.integer * random(); data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:3123:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( mark, origin, dir, random()*360, color[0],color[1], color[2],1, alphaFade, radius, qfalse ); data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:3125:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. CG_ImpactMark( mark, origin, dir, random()*360, 1,1,1,1, alphaFade, radius, qfalse ); data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:3412:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. begin = 50 + random() * (len - 60); data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:3585:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if ( random() < cg_tracerChance.value ) { data/openarena-0.8.8+dfsg/code/game/ai_chat.c:244:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
count = random() * numopponents; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:314:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. rnd = random() * 11.9; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:421:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > rnd) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:454:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > rnd) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:491:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > rnd) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:526:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > rnd) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:578:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > rnd) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:623:44: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
bs->botdeathtype == MOD_BFG_SPLASH) && random() < 0.5) { data/openarena-0.8.8+dfsg/code/game/ai_chat.c:642:13: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. else if (random() < trap_Characteristic_BFloat(bs->character, CHARACTERISTIC_CHAT_INSULT, 0, 1)) { data/openarena-0.8.8+dfsg/code/game/ai_chat.c:677:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > rnd) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:712:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. else if (random() < trap_Characteristic_BFloat(bs->character, CHARACTERISTIC_CHAT_INSULT, 0, 1)) { data/openarena-0.8.8+dfsg/code/game/ai_chat.c:743:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > rnd) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:783:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > rnd * 0.5) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:823:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
if (random() > rnd * 0.5) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:861:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > rnd * 0.5) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:899:6: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > bs->thinktime * 0.1) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:901:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > rnd) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:902:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() > 0.25) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:921:6: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. if (random() < trap_Characteristic_BFloat(bs->character, CHARACTERISTIC_CHAT_MISC, 0, 1)) { data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:446:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
if (random() > (float ) 1.0 / (NumPlayersOnSameTeam(bs)-1)) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:590:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = FloatTime() + 2 * random(); data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:643:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = FloatTime() + 2 * random(); data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:692:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = FloatTime() + 2 * random(); data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:741:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = FloatTime() + 2 * random(); data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:787:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. bs->teammessage_time = FloatTime() + 2 * random(); data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:873:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:914:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:961:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1010:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1052:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1098:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1182:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1775:45: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->leadmessage_time = -(FloatTime() + 2 * random());
data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1804:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:448:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < bs->thinktime * croucher) {
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:468:15: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  else if (random() < bs->thinktime * 0.05) {
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:480:14: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  else if (random() < bs->thinktime * 0.8) {
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:551:48: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->defendaway_time = FloatTime() + 3 + 3 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:577:48: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->defendaway_time = FloatTime() + 3 + 3 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:642:48: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->defendaway_time = FloatTime() + 3 + 3 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:744:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < bs->thinktime * 0.8) {
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:754:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < bs->thinktime * croucher) {
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:890:53: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->rushbaseaway_time = FloatTime() + 5 + 10 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:989:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->attackaway_time = FloatTime() + 2 + 5 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1032:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->attackaway_time = FloatTime() + 3 + 5 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1037:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->attackaway_time = FloatTime() + 3 + 5 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1095:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->attackaway_time = FloatTime() + 2 + 5 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1116:50: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->harvestaway_time = FloatTime() + 4 + 3 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1336:40: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->respawn_time = FloatTime() + 1 + random();
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1691:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < bs->thinktime * 0.8) {
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1826:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < bs->thinktime * 0.8) {
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1930:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < bs->thinktime * 1) {
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:2017:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < bs->thinktime * 0.8) {
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:2033:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  else if (random() < bs->thinktime * 0.8) {
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:2135:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < 0.2) {
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:644:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < 0.5) {
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:701:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:755:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:771:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rnd = random();
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1077:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1093:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rnd = random();
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1191:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1207:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rnd = random();
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1336:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1382:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rnd = random();
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2582:62: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  else bs->teamgoal_time = FloatTime() + 120 + 180 * camper + random() * 15;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2617:6: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() > camper) {
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2695:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rnd = random();
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2698:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < 0.5) bestorg[0] -= 800 * random() + 100;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2698:44: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < 0.5) bestorg[0] -= 800 * random() + 100;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2699:29: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  else bestorg[0] += 800 * random() + 100;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2703:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < 0.5) bestorg[1] -= 800 * random() + 100;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2703:44: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < 0.5) bestorg[1] -= 800 * random() + 100;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2704:29: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  else bestorg[1] += 800 * random() + 100;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2787:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < jumper) {
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2791:55: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  else if (bs->attackcrouch_time < FloatTime() - 1 && random() < croucher) {
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2833:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() > 0.935) {
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2850:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() > 0.9) {
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:3455:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() > 0.1) aim_accuracy *= 0.4f;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:3700:7: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() > firethrottle) {
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4516:14: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  angles[1] = random() * 360;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4592:30: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  VectorSet(angles, 0, 360 * random(), 0);
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4726:58: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (m.type == CMS_CHAT && m.time > FloatTime() - (1 + random())) break;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4787:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < 1.5 / (NumBots()+1) && random() < chat_reply) {
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4787:44: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < 1.5 / (NumBots()+1) && random() < chat_reply) {
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:5203:16: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rnd = (float) random() * numaltroutegoals;
data/openarena-0.8.8+dfsg/code/game/ai_team.c:2123:49: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->askteamleader_time = FloatTime() + 5 + random() * 10;
data/openarena-0.8.8+dfsg/code/game/ai_team.c:2126:52: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->becometeamleader_time = FloatTime() + 5 + random() * 10;
data/openarena-0.8.8+dfsg/code/game/ai_team.c:2134:51: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->becometeamleader_time = FloatTime() + 8 + random() * 10;
data/openarena-0.8.8+dfsg/code/game/ai_team.c:2189:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < 0.4) {
data/openarena-0.8.8+dfsg/code/game/ai_team.c:2232:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if (random() < 0.4) {
data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:90:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:125:44: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:143:44: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:190:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:276:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:332:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:379:43: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  bs->teammessage_time = FloatTime() + 2 * random();
data/openarena-0.8.8+dfsg/code/game/bg_lib.c:770:6: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  void srand( unsigned seed ) {
data/openarena-0.8.8+dfsg/code/game/bg_lib.h:82:6: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  void srand( unsigned seed );
data/openarena-0.8.8+dfsg/code/game/g_bot.c:272:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  num = random() * num;
data/openarena-0.8.8+dfsg/code/game/g_client.c:237:8: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rnd = random() * (numSpots / 2);
data/openarena-0.8.8+dfsg/code/game/g_items.c:552:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( ent->random ) {
data/openarena-0.8.8+dfsg/code/game/g_items.c:553:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  respawn += crandom() * ent->random;
data/openarena-0.8.8+dfsg/code/game/g_items.c:952:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  G_SpawnFloat( "random", "0", &ent->random );
data/openarena-0.8.8+dfsg/code/game/g_local.h:180:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  float random;
data/openarena-0.8.8+dfsg/code/game/g_main.c:698:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand( randomSeed );
data/openarena-0.8.8+dfsg/code/game/g_misc.c:274:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  deg = crandom() * ent->random;
data/openarena-0.8.8+dfsg/code/game/g_misc.c:277:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  deg = crandom() * ent->random;
data/openarena-0.8.8+dfsg/code/game/g_misc.c:312:13: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( !ent->random ) {
data/openarena-0.8.8+dfsg/code/game/g_misc.c:315:33: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->random = sin( M_PI * ent->random / 180 );
data/openarena-0.8.8+dfsg/code/game/g_missile.c:827:6: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  r = random() * M_PI * 2.0f;
data/openarena-0.8.8+dfsg/code/game/g_missile.c:836:16: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  scale = 555 + random() * 1800;
data/openarena-0.8.8+dfsg/code/game/g_spawn.c:110:18: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  {"random", FOFS(random), F_FLOAT},
data/openarena-0.8.8+dfsg/code/game/g_target.c:99:51: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->nextthink = level.time + ( ent->wait + ent->random * crandom() ) * 1000;
data/openarena-0.8.8+dfsg/code/game/g_target.c:203:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  G_SpawnFloat( "random", "0", &ent->random );
data/openarena-0.8.8+dfsg/code/game/g_target.c:226:26: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->s.clientNum = ent->random * 10;
data/openarena-0.8.8+dfsg/code/game/g_trigger.c:66:52: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->nextthink = level.time + ( ent->wait + ent->random * crandom() ) * 1000;
data/openarena-0.8.8+dfsg/code/game/g_trigger.c:96:37: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  G_SpawnFloat( "random", "0", &ent->random );
data/openarena-0.8.8+dfsg/code/game/g_trigger.c:98:12: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( ent->random >= ent->wait && ent->wait >= 0 ) {
data/openarena-0.8.8+dfsg/code/game/g_trigger.c:432:73: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  self->nextthink = level.time + 1000 * ( self->wait + crandom() * self->random );
data/openarena-0.8.8+dfsg/code/game/g_trigger.c:449:38: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  G_SpawnFloat( "random", "1", &self->random);
data/openarena-0.8.8+dfsg/code/game/g_trigger.c:455:13: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if ( self->random >= self->wait ) {
data/openarena-0.8.8+dfsg/code/game/g_weapon.c:1170:39: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  ent->client->ps.velocity[2] = 30 + random() * 25;
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:584:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define random() ((rand () & 0x7fff) / ((float)0x7fff))
data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:585:27: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  #define crandom() (2.0 * (random() - 0.5))
data/openarena-0.8.8+dfsg/code/botlib/be_aas_def.h:204:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_PATH];
data/openarena-0.8.8+dfsg/code/botlib/be_aas_def.h:205:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mapname[MAX_PATH];
data/openarena-0.8.8+dfsg/code/botlib/be_aas_def.h:261:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *configstrings[MAX_CONFIGSTRINGS];
data/openarena-0.8.8+dfsg/code/botlib/be_ai_chat.h:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char message[MAX_MESSAGE_SIZE]; //message
data/openarena-0.8.8+dfsg/code/botlib/be_ai_chat.h:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[MAX_MESSAGE_SIZE];
data/openarena-0.8.8+dfsg/code/botlib/be_ai_weap.h:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_STRINGFIELD];
data/openarena-0.8.8+dfsg/code/botlib/be_ai_weap.h:46:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[MAX_STRINGFIELD];
data/openarena-0.8.8+dfsg/code/botlib/be_ai_weap.h:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MAX_STRINGFIELD];
data/openarena-0.8.8+dfsg/code/botlib/be_ai_weap.h:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char model[MAX_STRINGFIELD]; data/openarena-0.8.8+dfsg/code/botlib/be_ai_weap.h:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char projectile[MAX_STRINGFIELD]; data/openarena-0.8.8+dfsg/code/botlib/be_ai_weight.h:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/botlib/botlib.h:122:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; data/openarena-0.8.8+dfsg/code/botlib/l_precomp.h:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[1024]; //file name of the script data/openarena-0.8.8+dfsg/code/botlib/l_precomp.h:98:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char includepath[1024]; //path to include files data/openarena-0.8.8+dfsg/code/botlib/l_precomp.h:170:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_TOKENLENGTH]; data/openarena-0.8.8+dfsg/code/botlib/l_script.h:159:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_TOKEN]; //available token data/openarena-0.8.8+dfsg/code/botlib/l_script.h:176:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[1024]; //file name of the script data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test[4]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:59:54: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
trap_SendConsoleCommand( va( "gc %i %i", targetNum, atoi( test ) ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:163:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:225:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:226:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:255:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:256:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:270:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:271:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:406:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:457:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char var[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/cgame/cg_consolecmds.c:460:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !atoi(var) ) { data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:41:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char systemChat[256]; data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:42:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamChat1[256]; data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:43:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamChat2[256]; data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:148:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&newColor[0], &color[0], sizeof(vec4_t)); data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:213:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char num[16], *ptr; data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:1196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char st[16]; data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:1934:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:2284:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuffer[1024]; data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:2607:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rendererinfos[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:3056:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s [32]; data/openarena-0.8.8+dfsg/code/cgame/cg_event.c:41:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char str[64]; data/openarena-0.8.8+dfsg/code/cgame/cg_event.c:89:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char targetName[32]; data/openarena-0.8.8+dfsg/code/cgame/cg_event.c:90:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attackerName[32]; data/openarena-0.8.8+dfsg/code/cgame/cg_event.c:242:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( attackerName, "noname" ); data/openarena-0.8.8+dfsg/code/cgame/cg_event.c:425:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char weapon[5]; data/openarena-0.8.8+dfsg/code/cgame/cg_info.c:99:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char personality[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_info.c:100:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_info.c:101:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iconName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_info.c:156:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/openarena-0.8.8+dfsg/code/cgame/cg_info.c:192:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !atoi( buf ) ) { data/openarena-0.8.8+dfsg/code/cgame/cg_info.c:287:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). value = atoi( Info_ValueForKey( info, "timelimit" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_info.c:295:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). value = atoi( Info_ValueForKey( info, "fraglimit" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_info.c:304:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). value = atoi( Info_ValueForKey( info, "capturelimit" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:319:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:350:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char modelName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:351:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char skinName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:352:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headModelName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:353:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headSkinName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:354:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redTeam[MAX_TEAMNAME]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:355:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueTeam[MAX_TEAMNAME]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:541:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infoScreenText[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:560:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char killerName[MAX_NAME_LENGTH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:561:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spectatorList[MAX_STRING_CHARS]; // list of names data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:577:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char centerPrint[1024]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:662:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char testModelName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1091:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1092:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redTeam[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1093:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueTeam[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1099:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voteString[MAX_STRING_TOKENS]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamVoteString[2][MAX_STRING_TOKENS]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1130:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char domination_points_names[MAX_DOMINATION_POINTS][MAX_DOMINATION_POINTS_NAMES]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1153:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamChatMsgs[TEAMCHAT_HEIGHT][TEAMCHAT_WIDTH*3+1]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1174:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char acceptVoice[MAX_NAME_LENGTH]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1466:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char systemChat[256]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1467:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char teamChat1[256]; data/openarena-0.8.8+dfsg/code/cgame/cg_local.h:1468:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char teamChat2[256]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:478:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:487:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.localServer = atoi( var ); data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:596:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:607:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:618:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:629:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:644:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:663:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:690:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (data, start, len); data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:712:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char items[MAX_ITEMS+1]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:713:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:994:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char items[MAX_ITEMS+1]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:995:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *sb_nums[11] = { data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:1263:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[10]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:1405:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parm1[MAX_QPATH], parm2[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:1422:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_MENUFILE]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:1673:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_MENUDEFFILE]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:1928:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:1986:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[1024]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2132:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.levelStartTime = atoi( s ); data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2259:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rendererinfos[128]; data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2263:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(cg_autovertex.integer && atoi( rendererinfos ) == 0 ) { data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2273:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi( rendererinfos ) > 80 ) { data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2279:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
  if (atoi( rendererinfos )!=0 && atoi( rendererinfos )!=1 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2279:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi( rendererinfos )!=0 && atoi( rendererinfos )!=1 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2287:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi( rendererinfos ) > 20 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2293:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi( rendererinfos ) > 3 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2296:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if(atoi( rendererinfos ) < 0 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2302:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi( rendererinfos ) > 2 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2305:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if(atoi( rendererinfos ) < 0 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2311:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi( rendererinfos ) > 2 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2314:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if(atoi( rendererinfos ) < 0 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2320:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi( rendererinfos ) > 2 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2323:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if(atoi( rendererinfos ) < 0 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2331:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi( rendererinfos ) != 0 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:2337:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi( rendererinfos ) == 0 ) {
data/openarena-0.8.8+dfsg/code/cgame/cg_marks.c:222:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( mark->verts, verts, mf->numPoints * sizeof( verts[0] ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_marks.c:367:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *shaderAnimNames[MAX_SHADER_ANIMS] = {
data/openarena-0.8.8+dfsg/code/cgame/cg_marks.c:1582:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  type = atoi (token);
data/openarena-0.8.8+dfsg/code/cgame/cg_marks.c:1615:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numparticles = atoi (token);
data/openarena-0.8.8+dfsg/code/cgame/cg_marks.c:1618:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  turb = atoi (token);
data/openarena-0.8.8+dfsg/code/cgame/cg_marks.c:1621:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  snum = atoi (token);
data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:250:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:331:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:350:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:476:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:593:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:613:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:626:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:748:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:835:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char num[16];
data/openarena-0.8.8+dfsg/code/cgame/cg_particles.c:94:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char *shaderAnimNames[MAX_SHADER_ANIMS] = {
data/openarena-0.8.8+dfsg/code/cgame/cg_particles.c:1324:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  type = atoi (token);
data/openarena-0.8.8+dfsg/code/cgame/cg_particles.c:1357:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numparticles = atoi (token);
data/openarena-0.8.8+dfsg/code/cgame/cg_particles.c:1360:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  turb = atoi (token);
data/openarena-0.8.8+dfsg/code/cgame/cg_particles.c:1363:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  snum = atoi (token);
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:26:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *cg_customSoundNames[MAX_CUSTOM_SOUNDS] = {
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[20000];
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:208:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].firstFrame = atoi( token );
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:221:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].numFrames = atoi( token );
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:235:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].loopFrames = atoi( token );
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:255:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&animations[LEGS_BACKCR], &animations[LEGS_WALKCR], sizeof(animation_t));
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:258:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&animations[LEGS_BACKWALK], &animations[LEGS_WALK], sizeof(animation_t));
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:465:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:523:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH*2];
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:525:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newTeamName[MAX_QPATH*2];
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:626:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  val = atoi( v );
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:656:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char teamname[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:908:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.botSkill = atoi( v );
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:912:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.handicap = atoi( v );
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:916:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.wins = atoi( v );
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:920:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.losses = atoi( v );
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:924:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.team = atoi( v );
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:928:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.teamTask = atoi(v);
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:932:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  newInfo.teamLeader = atoi(v);
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:945:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelStr[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:989:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelStr[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:2462:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&powerup, &torso, sizeof(torso));
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:2470:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&powerup, &torso, sizeof(torso));
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:2478:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&powerup, &torso, sizeof(torso));
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:2486:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&powerup, &torso, sizeof(torso));
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:2505:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&powerup, &torso, sizeof(torso));
data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:2529:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&powerup, &torso, sizeof(torso));
data/openarena-0.8.8+dfsg/code/cgame/cg_scoreboard.c:82:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[1024];
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:70:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.numScores = atoi( CG_Argv( 1 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:75:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.teamScores[0] = atoi( CG_Argv( 2 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:76:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.teamScores[1] = atoi( CG_Argv( 3 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:78:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.roundStartTime = atoi( CG_Argv( 4 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:94:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].client = atoi( CG_Argv( i * NUM_DATA + FIRST_DATA + 1 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:95:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].score = atoi( CG_Argv( i * NUM_DATA + FIRST_DATA + 2 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:96:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].ping = atoi( CG_Argv( i * NUM_DATA + FIRST_DATA + 3 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:97:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].time = atoi( CG_Argv( i * NUM_DATA + FIRST_DATA + 4 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:98:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].scoreFlags = atoi( CG_Argv( i * NUM_DATA + FIRST_DATA + 5 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:99:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  powerups = atoi( CG_Argv( i * NUM_DATA + FIRST_DATA + 6 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:100:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].accuracy = atoi(CG_Argv(i * NUM_DATA + FIRST_DATA + 7));
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:101:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].impressiveCount = atoi(CG_Argv(i * NUM_DATA + FIRST_DATA + 8));
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:102:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].excellentCount = atoi(CG_Argv(i * NUM_DATA + FIRST_DATA + 9));
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:103:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].guantletCount = atoi(CG_Argv(i * NUM_DATA + FIRST_DATA + 10));
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:104:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].defendCount = atoi(CG_Argv(i * NUM_DATA + FIRST_DATA + 11));
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:105:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].assistCount = atoi(CG_Argv(i * NUM_DATA + FIRST_DATA + 12));
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:106:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].perfect = atoi(CG_Argv(i * NUM_DATA + FIRST_DATA + 13));
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:107:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].captures = atoi(CG_Argv(i * NUM_DATA + FIRST_DATA + 14));
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:108:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.scores[i].isDead = atoi(CG_Argv(i * NUM_DATA + FIRST_DATA + 15));
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:130:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.accuracys[i-WP_MACHINEGUN][0] = atoi( CG_Argv( (i-WP_MACHINEGUN)*2 + 1 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:131:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cg.accuracys[i-WP_MACHINEGUN][1] = atoi( CG_Argv( (i-WP_MACHINEGUN)*2 + 2 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:149:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.scores1 = atoi( CG_Argv( 1 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:150:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.scores2 = atoi( CG_Argv( 2 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:152:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.roundStartTime = atoi( CG_Argv( 3 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:163:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char command[1024];
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:207:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cgs.timetaken = atoi( CG_Argv( 1 ) );
data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:218:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
cgs.domination_points_count = atoi( CG_Argv( 1 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:237:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if( cgs.domination_points_count!=atoi( CG_Argv(1) ) ) { data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:242:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.domination_points_status[i] = atoi( CG_Argv(2+i) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:253:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). addChallenge(atoi( CG_Argv(1) ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:257:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.redObeliskHealth = atoi( CG_Argv(1) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:258:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.blueObeliskHealth = atoi( CG_Argv(2) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:265:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.respawnTime = atoi( CG_Argv(1) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:288:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi( CG_Argv( 1 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:307:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). numSortedTeamPlayers = atoi( CG_Argv( 1 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:316:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client = atoi( CG_Argv( i * 6 + 2 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:326:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.clientinfo[ client ].location = atoi( CG_Argv( i * 6 + 3 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:327:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.clientinfo[ client ].health = atoi( CG_Argv( i * 6 + 4 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:328:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.clientinfo[ client ].armor = atoi( CG_Argv( i * 6 + 5 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:329:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.clientinfo[ client ].curWeapon = atoi( CG_Argv( i * 6 + 6 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:330:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.clientinfo[ client ].powerups = atoi( CG_Argv( i * 6 + 7 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:348:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.gametype = atoi( Info_ValueForKey( info, "g_gametype" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:355:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.dmflags = atoi( Info_ValueForKey( info, "dmflags" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:356:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.videoflags = atoi( Info_ValueForKey( info, "videoflags" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:357:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.elimflags = atoi( Info_ValueForKey( info, "elimflags" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:358:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.teamflags = atoi( Info_ValueForKey( info, "teamflags" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:359:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.fraglimit = atoi( Info_ValueForKey( info, "fraglimit" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:360:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.capturelimit = atoi( Info_ValueForKey( info, "capturelimit" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:361:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.timelimit = atoi( Info_ValueForKey( info, "timelimit" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:362:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.maxclients = atoi( Info_ValueForKey( info, "sv_maxclients" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:363:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.roundtime = atoi( Info_ValueForKey( info, "elimination_roundtime" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:364:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.nopickup = atoi( Info_ValueForKey( info, "g_rockets" ) ) + atoi( Info_ValueForKey( info, "g_instantgib" ) ) + atoi( Info_ValueForKey( info, "g_elimination" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:364:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.nopickup = atoi( Info_ValueForKey( info, "g_rockets" ) ) + atoi( Info_ValueForKey( info, "g_instantgib" ) ) + atoi( Info_ValueForKey( info, "g_elimination" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:364:116: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.nopickup = atoi( Info_ValueForKey( info, "g_rockets" ) ) + atoi( Info_ValueForKey( info, "g_instantgib" ) ) + atoi( Info_ValueForKey( info, "g_elimination" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:365:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.lms_mode = atoi( Info_ValueForKey( info, "g_lms_mode" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:366:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.altExcellent = atoi( Info_ValueForKey( info, "g_altExcellent" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:376:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.delagHitscan = atoi( Info_ValueForKey( info, "g_delagHitscan" ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:395:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). warmup = atoi( info ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:424:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.scores1 = atoi( CG_ConfigString( CS_SCORES1 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:425:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.scores2 = atoi( CG_ConfigString( CS_SCORES2 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:426:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.levelStartTime = atoi( CG_ConfigString( CS_LEVEL_START_TIME ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:438:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.warmup = atoi( CG_ConfigString( CS_WARMUP ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:447:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char originalShader[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:448:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newShader[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:449:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timeOffset[16]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:491:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( CG_Argv( 1 ) ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:508:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.scores1 = atoi( str ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:510:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.scores2 = atoi( str ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:512:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.levelStartTime = atoi( str ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:514:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.voteTime = atoi( str ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:517:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.voteYes = atoi( str ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:520:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.voteNo = atoi( str ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:528:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cgs.teamVoteTime[num-CS_TEAMVOTE_TIME] = atoi( str ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:531:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.teamVoteYes[num-CS_TEAMVOTE_YES] = atoi( str ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:534:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cgs.teamVoteNo[num-CS_TEAMVOTE_NO] = atoi( str ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:542:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cg.intermissionStarted = atoi( str ); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:706:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[64]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:709:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char chats[MAX_VOICESOUNDS][MAX_CHATSIZE]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:714:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:722:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headmodel[64]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:737:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_VOICEFILESIZE]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:858:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_VOICEFILESIZE]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:924:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char filename[MAX_QPATH], headModelName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1015:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAX_SAY_TEXT]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1016:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[MAX_SAY_TEXT]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1086:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&voiceChatBuffer[cg.voiceChatBufferIn], vchat, sizeof(bufferedVoiceChat_t)); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1155:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). voiceOnly = atoi(CG_Argv(1)); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1156:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clientNum = atoi(CG_Argv(2)); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1157:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). color = atoi(CG_Argv(3)); data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1199:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_SAY_TEXT]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1323:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader1[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1324:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader2[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1325:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader3[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:1372:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char infoString[1024]; data/openarena-0.8.8+dfsg/code/cgame/cg_snapshot.c:110:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cent->currentState, state, sizeof(entityState_t)); data/openarena-0.8.8+dfsg/code/cgame/cg_snapshot.c:216:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cent->nextState, es, sizeof(entityState_t)); data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:770:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:821:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( path, "_flash.md3" ); data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:826:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( path, "_barrel.md3" ); data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:831:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat( path, "_hand.md3" ); data/openarena-0.8.8+dfsg/code/cgame/cg_weapons.c:2591:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). num = atoi( CG_Argv( 1 ) ); data/openarena-0.8.8+dfsg/code/game/ai_chat.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:82:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) continue; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:96:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:109:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) continue; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:124:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:137:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) continue; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:152:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:153:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:167:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) continue; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:187:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:201:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) continue; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:220:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:223:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:237:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) continue; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[1024]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:264:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char mapname[128]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:410:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:443:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:476:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:508:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:568:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:585:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(name, "[world]"); data/openarena-0.8.8+dfsg/code/game/ai_chat.c:667:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:729:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:763:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32], *weap; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:802:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32], *weap; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:847:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32], *weap; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:886:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_chat.c:966:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:196:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(goal, &cp->goal, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:209:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestring[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:247:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:270:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:295:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:317:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char keyarea[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:397:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addressedto[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:398:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:399:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:400:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char botname[128]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:494:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:495:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:496:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:619:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:620:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:669:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:718:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:765:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:766:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:806:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:807:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:897:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:936:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:986:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1031:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1073:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char teammatename[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1201:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1226:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1270:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1271:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1326:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1349:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1374:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1397:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammate[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1423:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char teammate[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1424:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1452:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1469:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1470:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char goalname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1572:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1586:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1606:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(goal, &tmpgoal, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1622:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1716:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE], teammate[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1784:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char enemy[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1785:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1823:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flag[128], netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1867:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1881:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:63:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nodeswitch[MAX_NODESWITCHES+1][144]; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:85:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:101:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:315:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[128]; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:340:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:341:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:388:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(goal, &bs->teamgoal, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:516:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(goal, &bs->teamgoal, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:546:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(goal, &ctf_redflag, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:572:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(goal, &ctf_blueflag, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:630:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(goal, &bs->teamgoal, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:688:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(goal, &bs->teamgoal, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:721:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(goal, &bs->teamgoal, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:793:19: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if (wp->next) strcat(buf, " to "); data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:837:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(goal, &bs->curpatrolpoint->goal, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:853:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
case TEAM_RED: memcpy(goal, &ctf_blueflag, sizeof(bot_goal_t)); break; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:854:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. case TEAM_BLUE: memcpy(goal, &ctf_redflag, sizeof(bot_goal_t)); break; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:876:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. case TEAM_RED: memcpy(goal, &ctf_redflag, sizeof(bot_goal_t)); break; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:877:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. case TEAM_BLUE: memcpy(goal, &ctf_blueflag, sizeof(bot_goal_t)); break; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:911:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. case TEAM_RED: memcpy(goal, &ctf_blueflag, sizeof(bot_goal_t)); break; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:912:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. case TEAM_BLUE: memcpy(goal, &ctf_redflag, sizeof(bot_goal_t)); break; data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:935:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(goal, &ctf_neutralflag, sizeof(bot_goal_t)); data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:949:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
  case TEAM_RED: memcpy(goal, &ctf_blueflag, sizeof(bot_goal_t)); break;
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:950:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case TEAM_BLUE: memcpy(goal, &ctf_redflag, sizeof(bot_goal_t)); break;
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:979:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case TEAM_RED: memcpy(goal, &ctf_blueflag, sizeof(bot_goal_t)); break;
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:980:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case TEAM_BLUE: memcpy(goal, &ctf_redflag, sizeof(bot_goal_t)); break;
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1022:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case TEAM_RED: memcpy(goal, &blueobelisk, sizeof(bot_goal_t)); break;
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1023:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case TEAM_BLUE: memcpy(goal, &redobelisk, sizeof(bot_goal_t)); break;
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1052:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case TEAM_RED: memcpy(goal, &blueobelisk, sizeof(bot_goal_t)); break;
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1053:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case TEAM_BLUE: memcpy(goal, &redobelisk, sizeof(bot_goal_t)); break;
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1085:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case TEAM_RED: memcpy(goal, &blueobelisk, sizeof(bot_goal_t)); break;
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1086:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case TEAM_BLUE: memcpy(goal, &redobelisk, sizeof(bot_goal_t)); break;
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1109:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(goal, &neutralobelisk, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1133:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char teammate[MAX_MESSAGE_SIZE];
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1191:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(goal, &bs->lead_teamgoal, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1736:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[144];
data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:1869:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[144];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:120:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char allowedGametypes[MAX_EPAIRKEY];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:148:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char userinfo[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:379:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->lastgoal_teamgoal, &bs->teamgoal, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:482:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->teamgoal, &bs->lastgoal_teamgoal, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:786:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (BotTeam(bs) == TEAM_RED) memcpy(&bs->teamgoal, &ctf_redflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:787:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  else memcpy(&bs->teamgoal, &ctf_blueflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:874:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->teamgoal, &ctf_redflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:876:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->teamgoal, &ctf_blueflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:887:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->teamgoal, &ctf_redflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:894:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->teamgoal, &ctf_blueflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:991:34: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (BotTeam(bs) == TEAM_RED) memcpy(&bs->teamgoal, &ctf_blueflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:992:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  else memcpy(&bs->teamgoal, &ctf_redflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1024:34: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (BotTeam(bs) == TEAM_RED) memcpy(&bs->teamgoal, &ctf_redflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1025:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  else memcpy(&bs->teamgoal, &ctf_blueflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1106:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (BotTeam(bs) == TEAM_RED) memcpy(&bs->teamgoal, &ctf_redflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1107:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  else memcpy(&bs->teamgoal, &ctf_blueflag, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1212:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (BotTeam(bs) == TEAM_RED) memcpy(&bs->teamgoal, &blueobelisk, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1213:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  else memcpy(&bs->teamgoal, &redobelisk, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1226:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (BotTeam(bs) == TEAM_RED) memcpy(&bs->teamgoal, &redobelisk, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1227:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  else memcpy(&bs->teamgoal, &blueobelisk, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1250:31: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (BotTeam(bs) == TEAM_RED) memcpy(&bs->teamgoal, &blueobelisk, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1251:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  else memcpy(&bs->teamgoal, &redobelisk, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1392:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (BotTeam(bs) == TEAM_RED) memcpy(&bs->teamgoal, &redobelisk, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1393:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  else memcpy(&bs->teamgoal, &blueobelisk, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1504:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1523:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1542:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1562:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1603:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2191:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) return qtrue;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2578:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->teamgoal, goal, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:2635:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bestgoal, &goal, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:3783:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char info[1024];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:3784:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mapname[128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:3923:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:3936:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  modelindex = atoi(model+1);
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4076:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4083:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  modelindex = atoi(model+1);
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4121:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  modelindex = atoi(model+1);
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4192:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->activategoalheap[best], activategoal, sizeof(bot_activategoal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4266:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[MAX_INFO_STRING], tmpmodel[128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4267:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char target[128], classname[128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4269:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char targetname[10][128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4314:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  modelindex = atoi(model+1);
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4482:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char netname[MAX_NETNAME];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4483:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char classname[128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4484:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4713:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char botname[MAX_NETNAME], message[MAX_MESSAGE_SIZE], netname[MAX_NETNAME], *ptr;
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:4874:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:5177:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(goal, &bs->altroutegoal, sizeof(bot_goal_t));
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:5307:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char gender[144], name[144], buf[144];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:5308:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char userinfo[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:5459:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char value[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:5492:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[128];
data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:5566:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  modelnum = atoi(model+1);
data/openarena-0.8.8+dfsg/code/game/ai_main.c:98:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[2048];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:175:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( state, &ent->client->ps, sizeof(playerState_t) );
data/openarena-0.8.8+dfsg/code/game/ai_main.c:193:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( state, &ent->s, sizeof(entityState_t) );
data/openarena-0.8.8+dfsg/code/game/ai_main.c:225:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *vars[MAX_MATCHVARIABLES];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:280:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char goalname[MAX_MESSAGE_SIZE];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:281:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char netname[MAX_MESSAGE_SIZE];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:282:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *leader, flagstatus[32];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:288:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(flagstatus, " ");
data/openarena-0.8.8+dfsg/code/game/ai_main.c:400:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:411:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(Info_ValueForKey(buf, "t")) == TEAM_RED) {
data/openarena-0.8.8+dfsg/code/game/ai_main.c:424:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(Info_ValueForKey(buf, "t")) == TEAM_BLUE) {
data/openarena-0.8.8+dfsg/code/game/ai_main.c:436:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char goalname[MAX_MESSAGE_SIZE];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char netname[MAX_MESSAGE_SIZE];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:438:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char action[MAX_MESSAGE_SIZE];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:439:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *leader, carrying[32], *cs;
data/openarena-0.8.8+dfsg/code/game/ai_main.c:446:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(carrying, " ");
data/openarena-0.8.8+dfsg/code/game/ai_main.c:449:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(carrying, "F ");
data/openarena-0.8.8+dfsg/code/game/ai_main.c:454:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  Risk is low because the source is a constant string.
  strcpy(carrying, "F ");
data/openarena-0.8.8+dfsg/code/game/ai_main.c:563:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:997:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024], *args;
data/openarena-0.8.8+dfsg/code/game/ai_main.c:1150:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STRING_CHARS];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:1187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_PATH], name[MAX_PATH], gender[MAX_PATH];
data/openarena-0.8.8+dfsg/code/game/ai_main.c:1219:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->settings, settings, sizeof(bot_settings_t));
data/openarena-0.8.8+dfsg/code/game/ai_main.c:1349:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&settings, &bs->settings, sizeof(bot_settings_t));
data/openarena-0.8.8+dfsg/code/game/ai_main.c:1350:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ps, &bs->cur_ps, sizeof(playerState_t));
data/openarena-0.8.8+dfsg/code/game/ai_main.c:1370:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->cur_ps, &ps, sizeof(playerState_t));
data/openarena-0.8.8+dfsg/code/game/ai_main.c:1371:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bs->settings, &settings, sizeof(bot_settings_t));
data/openarena-0.8.8+dfsg/code/game/ai_main.c:1613:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[144];
data/openarena-0.8.8+dfsg/code/game/ai_main.h:105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32];
data/openarena-0.8.8+dfsg/code/game/ai_main.h:261:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char teamleader[32]; //netname of the team leader data/openarena-0.8.8+dfsg/code/game/ai_main.h:274:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subteam[32]; //sub team name data/openarena-0.8.8+dfsg/code/game/ai_main.h:276:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char formation_teammate[16]; //netname of the team mate the bot uses for relative positioning data/openarena-0.8.8+dfsg/code/game/ai_team.c:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[36]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:85:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:97:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:129:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:155:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:205:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:236:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char teammatename[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:249:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teammatename[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:283:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&teammates[numteammates], defenders, numdefenders * sizeof(int)); data/openarena-0.8.8+dfsg/code/game/ai_team.c:286:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&teammates[numteammates], roamers, numroamers * sizeof(int)); data/openarena-0.8.8+dfsg/code/game/ai_team.c:289:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&teammates[numteammates], attackers, numattackers * sizeof(int)); data/openarena-0.8.8+dfsg/code/game/ai_team.c:301:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamchat[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:302:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:303:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:328:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:389:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME], carriername[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:503:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:663:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME], carriername[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:768:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:818:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1018:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME], leadername[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1048:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1060:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(Info_ValueForKey(buf, "t")) == TEAM_SPECTATOR) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1115:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME], carriername[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1469:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1618:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1781:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1930:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_team.c:2109:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:168:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. case TEAM_RED: memcpy(&bs->teamgoal, &redobelisk, sizeof(bot_goal_t)); break; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:169:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. case TEAM_BLUE: memcpy(&bs->teamgoal, &blueobelisk, sizeof(bot_goal_t)); break; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:177:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. case TEAM_RED: memcpy(&bs->teamgoal, &ctf_redflag, sizeof(bot_goal_t)); break; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:178:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. case TEAM_BLUE: memcpy(&bs->teamgoal, &ctf_blueflag, sizeof(bot_goal_t)); break; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:246:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:302:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:406:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:420:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_MESSAGE_SIZE]; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:439:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:460:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME]; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:498:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ptr, buf[MAX_MESSAGE_SIZE], *cmd; data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:512:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). voiceOnly = atoi(ptr); data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:515:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clientNum = atoi(ptr); data/openarena-0.8.8+dfsg/code/game/ai_vcmd.c:518:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). color = atoi(ptr); data/openarena-0.8.8+dfsg/code/game/bg_alloc.c:46:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char memoryPool[POOLSIZE]; data/openarena-0.8.8+dfsg/code/game/bg_lib.c:301:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)dest)[i] = ((char *)src)[i]; data/openarena-0.8.8+dfsg/code/game/bg_lib.c:301:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
((char *)dest)[i] = ((char *)src)[i]; data/openarena-0.8.8+dfsg/code/game/bg_lib.c:305:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)dest)[i] = ((char *)src)[i]; data/openarena-0.8.8+dfsg/code/game/bg_lib.c:305:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)dest)[i] = ((char *)src)[i]; data/openarena-0.8.8+dfsg/code/game/bg_lib.c:320:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)dest)[count] = c; data/openarena-0.8.8+dfsg/code/game/bg_lib.c:325:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. void *memcpy( void *dest, const void *src, size_t count ) { data/openarena-0.8.8+dfsg/code/game/bg_lib.c:327:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)dest)[count] = ((char *)src)[count]; data/openarena-0.8.8+dfsg/code/game/bg_lib.c:327:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)dest)[count] = ((char *)src)[count]; data/openarena-0.8.8+dfsg/code/game/bg_lib.c:1145:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int atoi( const char *string ) { data/openarena-0.8.8+dfsg/code/game/bg_lib.c:1811:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char convert[24]; data/openarena-0.8.8+dfsg/code/game/bg_lib.c:1941:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iconvert[20]; data/openarena-0.8.8+dfsg/code/game/bg_lib.c:1942:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fconvert[20]; data/openarena-0.8.8+dfsg/code/game/bg_lib.h:100:5: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
int atoi( const char *string ); data/openarena-0.8.8+dfsg/code/game/bg_lib.h:112:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. void *memcpy( void *dest, const void *src, size_t count ); data/openarena-0.8.8+dfsg/code/game/bg_misc.c:1567:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/openarena-0.8.8+dfsg/code/game/bg_public.h:681:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *world_model[MAX_ITEM_MODELS]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:46:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char g_bfb[ 32000 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:306:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char testName[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:307:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name2[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:399:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char levels[ MAX_STRING_CHARS ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:611:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[ MAX_STRING_CHARS ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:615:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flags[ MAX_ADMIN_FLAGS * 2 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:618:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:709:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char guid_stub[9]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:710:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:711:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name2[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:712:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lname[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:869:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char duration[ 32 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:885:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char duration[ 32 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:906:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[ MAX_ADMIN_CMD_LEN ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:990:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n1[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:991:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n2[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1236:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char levels[ MAX_STRING_CHARS ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1247:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). c->levels[ cmdlevel++ ] = atoi( lp ); data/openarena-0.8.8+dfsg/code/game/g_admin.c:1331:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1332:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lstr[ 11 ]; // 10 is max strlen() for 32-bit int data/openarena-0.8.8+dfsg/code/game/g_admin.c:1333:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adminname[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1334:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char testname[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1335:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char guid[ 33 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1353:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). l = atoi( lstr ); data/openarena-0.8.8+dfsg/code/game/g_admin.c:1364:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atoi( name ); data/openarena-0.8.8+dfsg/code/game/g_admin.c:1634:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_NAME_LENGTH ], *reason, err[ MAX_STRING_CHARS ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1691:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char search[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1692:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char secs[ MAX_TOKEN_CHARS ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1695:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char duration[ 32 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1699:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char n2[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1700:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1701:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char guid_stub[ 9 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1906:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bs[ 5 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1914:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bnum = atoi( bs ); data/openarena-0.8.8+dfsg/code/game/g_admin.c:1950:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char duration[ 32 ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1952:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bs[ 5 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1953:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char secs[ MAX_TOKEN_CHARS ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:1963:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bnum = atoi( bs ); data/openarena-0.8.8+dfsg/code/game/g_admin.c:2055:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_NAME_LENGTH ], team[ MAX_NAME_LENGTH ], err[ MAX_STRING_CHARS ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2101:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[ MAX_QPATH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2127:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[ MAX_NAME_LENGTH ], err[ MAX_STRING_CHARS ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2128:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[ MAX_ADMIN_CMD_LEN ], *cmd; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2188:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char search[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2189:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2217:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi( s ); data/openarena-0.8.8+dfsg/code/game/g_admin.c:2267:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char c[ 3 ], t[ 2 ]; // color and team letter data/openarena-0.8.8+dfsg/code/game/g_admin.c:2268:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2269:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n2[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2270:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n3[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2271:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lname[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2272:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char guid_stub[ 9 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2273:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char muted[ 2 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2385:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char duration[ 32 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2390:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filter[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2391:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[ 11 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2394:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n1[ MAX_NAME_LENGTH * 2 ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2395:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char n2[ MAX_NAME_LENGTH * 2 ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2399:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_match[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2425:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi( filter ); data/openarena-0.8.8+dfsg/code/game/g_admin.c:2448:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). start = atoi( filter ); data/openarena-0.8.8+dfsg/code/game/g_admin.c:2632:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param[ MAX_ADMIN_CMD_LEN ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2825:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2826:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2827:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldname[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2828:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err[ MAX_STRING_CHARS ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2829:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[ MAX_INFO_STRING ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2880:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char layout[ MAX_CVAR_VALUE_STRING ] = { "" }; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2884:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[ MAX_QPATH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2910:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char search[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2911:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2912:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n2[ MAX_NAME_LENGTH ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2913:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char guid_stub[ 9 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:2965:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamName[2] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:3015:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamName[2] = {""}; data/openarena-0.8.8+dfsg/code/game/g_admin.c:3065:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH], err[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:3111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH], err[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:3144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH], err[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:3146:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char damage[4]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:3161:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dmg = atoi(damage); data/openarena-0.8.8+dfsg/code/game/g_admin.c:3270:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_NAME_LENGTH ], err[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:3273:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char duration[ 32 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:3274:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.c:3410:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m2[ MAX_STRING_CHARS ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:100:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:101:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flags[ MAX_ADMIN_FLAGS ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:107:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char guid[ 33 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:108:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:110:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char flags[ MAX_ADMIN_FLAGS ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:116:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:117:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char guid[ 33 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:118:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip[ 40 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:119:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reason[ MAX_ADMIN_BAN_REASON ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:120:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char made[ 18 ]; // big enough for strftime() %c data/openarena-0.8.8+dfsg/code/game/g_admin.h:122:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char banner[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:128:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[ MAX_ADMIN_CMD_LEN ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:129:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exec[ MAX_QPATH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:130:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char desc[ 50 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:137:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_ADMIN_NAMELOG_NAMES ][ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:138:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip[ 40 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:139:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char guid[ 33 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:146:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_NAME_LENGTH ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char guid[ 33 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:148:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip[ 40 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:149:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:150:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char made[ 18 ]; data/openarena-0.8.8+dfsg/code/game/g_admin.h:151:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warner[MAX_NAME_LENGTH]; data/openarena-0.8.8+dfsg/code/game/g_arenas.c:49:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]; data/openarena-0.8.8+dfsg/code/game/g_arenas.c:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:29:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *g_botInfos[MAX_BOTS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:33:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *g_arenaInfos[MAX_ARENAS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[128]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:72:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:73:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:106:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( token, "<NULL>" ); data/openarena-0.8.8+dfsg/code/game/g_bot.c:131:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_ARENAS_TEXT]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:159:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:160:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[1024]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:180:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(filename, "scripts/"); data/openarena-0.8.8+dfsg/code/game/g_bot.c:216:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:243:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *value, netname[36], *teamstr; data/openarena-0.8.8+dfsg/code/game/g_bot.c:484:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:553:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char userinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:584:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:719:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:720:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char altname[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:721:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:722:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char team[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:754:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). delay = atoi( string ); data/openarena-0.8.8+dfsg/code/game/g_bot.c:777:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:778:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char funname[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:779:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:780:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char aifile[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:786:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(name, "UnnamedPlayer"); data/openarena-0.8.8+dfsg/code/game/g_bot.c:794:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(model, "sarge/default"); data/openarena-0.8.8+dfsg/code/game/g_bot.c:798:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(aifile, "bots/default_c.c"); data/openarena-0.8.8+dfsg/code/game/g_bot.c:815:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bots[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:871:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_BOTS_TEXT]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:899:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:900:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[1024]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:924:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(filename, "scripts/"); data/openarena-0.8.8+dfsg/code/game/g_bot.c:977:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:978:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_bot.c:994:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fragLimit = atoi( strValue ); data/openarena-0.8.8+dfsg/code/game/g_bot.c:1003:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
timeLimit = atoi( strValue ); data/openarena-0.8.8+dfsg/code/game/g_client.c:1104:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headModel[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldname[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1108:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c1[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c2[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1114:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char redTeam[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1115:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char blueTeam[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1116:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1125:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (userinfo, "\\name\\badinfo"); data/openarena-0.8.8+dfsg/code/game/g_client.c:1136:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if ( !atoi( s ) ) { data/openarena-0.8.8+dfsg/code/game/g_client.c:1145:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( !atoi( s ) ) { data/openarena-0.8.8+dfsg/code/game/g_client.c:1148:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->pers.delag = atoi( s ); data/openarena-0.8.8+dfsg/code/game/g_client.c:1153:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->pers.cmdTimeNudge = atoi( s ); data/openarena-0.8.8+dfsg/code/game/g_client.c:1260:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). health = atoi( Info_ValueForKey( userinfo, "handicap" ) ); data/openarena-0.8.8+dfsg/code/game/g_client.c:1320:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( ! 
*s || atoi( s ) != 0 ) { data/openarena-0.8.8+dfsg/code/game/g_client.c:1337:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). teamTask = atoi(Info_ValueForKey(userinfo, "teamtask")); data/openarena-0.8.8+dfsg/code/game/g_client.c:1411:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1413:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reason[ MAX_STRING_CHARS ] = {""}; data/openarena-0.8.8+dfsg/code/game/g_client.c:1538:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char motd[1024]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1543:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (motd, "cp \""); data/openarena-0.8.8+dfsg/code/game/g_client.c:1578:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1710:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_client.c:1860:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(persistant,client->ps.persistant,MAX_PERSISTANT*sizeof(int)); data/openarena-0.8.8+dfsg/code/game/g_client.c:1891:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). client->pers.maxHealth = atoi( Info_ValueForKey( userinfo, "handicap" ) ); data/openarena-0.8.8+dfsg/code/game/g_client.c:2112:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:34:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[1024]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:35:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1400]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[1024]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:146:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[10]; //Will more likely be 2... in fact cannot be more since we are the server data/openarena-0.8.8+dfsg/code/game/g_cmds.c:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[10*(MAX_DOMINATION_POINTS+1)]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:199:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char text[MAX_DOMINATION_POINTS_NAMES*MAX_DOMINATION_POINTS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:340:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:342:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:352:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( line + len, arg, tlen ); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:376:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cleanName[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:380:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idnum = atoi( s ); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:635:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:636:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:644:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). task = atoi( arg ); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:712:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:902:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:954:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char arg[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1014:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char args[11]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1130:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1132:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_SAY_TEXT]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1133:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char location[64]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1202:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1245:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1252:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). targetNum = atoi( arg ); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1347:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1389:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1401:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). targetNum = atoi( arg ); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1510:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1513:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). player = atoi( str ); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1515:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). order = atoi( str ); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1562:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg1[MAX_STRING_TOKENS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1563:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg2[MAX_STRING_TOKENS]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1564:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[256]; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1616:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer,"print \"Vote commands are: "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1618:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "map_restart, "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1620:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "nextmap, "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1622:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "map <mapname>, "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1624:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "g_gametype <n>, "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1626:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(buffer, "kick <player>, "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1628:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "clientkick <clientnum>, "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1630:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "g_doWarmup, "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1632:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "timelimit <time>, "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1634:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "fraglimit <frags>, "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1636:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "shuffle, "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1638:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "custom <special>, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1640:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, ".\"");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1648:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer,"print \"Vote commands are: ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1650:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "map_restart, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1652:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "nextmap, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1654:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
strcat(buffer, "map <mapname>, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1656:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "g_gametype <n>, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1658:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "kick <player>, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1660:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "clientkick <clientnum>, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1662:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "shuffle, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1664:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "g_doWarmup, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1666:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "timelimit <time>, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1668:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "fraglimit <frags>, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1670:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, "custom <special>, ");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1672:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(buffer, ".\"");
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1688:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1689:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
i = atoi( arg2 );
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1716:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1732:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1754:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(arg2);
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1766:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(arg2);
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1781:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(arg2);
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1791:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(arg2);
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1884:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1925:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg1[MAX_STRING_TOKENS];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1926:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg2[MAX_STRING_TOKENS];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1969:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME], leader[MAX_NETNAME];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1981:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
i = atoi( arg2 );
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:2052:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:2101:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_TOKEN_CHARS];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:2151:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[(MAX_MAPNAME+1)*MAPS_PER_PAGE+1];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:2152:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char arg[MAX_STRING_TOKENS];
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:2154:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). page = getMappage(atoi(arg));
data/openarena-0.8.8+dfsg/code/game/g_cmds.c:2232:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[ MAX_TOKEN_CHARS ];
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:137:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ MAX_NAME_LENGTH + 10 ] = {""};
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:227:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n2[ MAX_NAME_LENGTH ] = {""};
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:228:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[ MAX_NAME_LENGTH ] = {""};
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:237:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi( s );
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:452:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char string[ 1024 ];
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:453:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outstring[ 1024 ];
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:490:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[ sizeof( "say_team" ) ];
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:491:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[ 50 ];
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:627:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s2[ MAX_NAME_LENGTH ];
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:628:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n2[ MAX_NAME_LENGTH ];
data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:634:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi( s );
data/openarena-0.8.8+dfsg/code/game/g_fileops.c:48:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *v = atoi( t );
data/openarena-0.8.8+dfsg/code/game/g_fileops.c:92:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ 32 ];
data/openarena-0.8.8+dfsg/code/game/g_fileops.c:108:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ MAX_STRING_CHARS ];
data/openarena-0.8.8+dfsg/code/game/g_items.c:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/g_items.c:910:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char string[MAX_ITEMS+1];
data/openarena-0.8.8+dfsg/code/game/g_items.c:935:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[128];
data/openarena-0.8.8+dfsg/code/game/g_killspree.c:223:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char output[ MAX_SAY_TEXT ];
data/openarena-0.8.8+dfsg/code/game/g_killspree.c:240:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char output[ MAX_SAY_TEXT ] = { "" };
data/openarena-0.8.8+dfsg/code/game/g_killspree.c:242:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_NAME_LENGTH ];
data/openarena-0.8.8+dfsg/code/game/g_killspree.c:339:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char streakcount[ 3 ];
data/openarena-0.8.8+dfsg/code/game/g_killspree.c:469:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char multiKillString[ 2 ];
data/openarena-0.8.8+dfsg/code/game/g_killspree.h:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spreeMsg[ MAX_STRING_CHARS ];
data/openarena-0.8.8+dfsg/code/game/g_killspree.h:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sound2Play[ MAX_STRING_CHARS ];
data/openarena-0.8.8+dfsg/code/game/g_killspree.h:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spreeMsg[ MAX_STRING_CHARS ];
data/openarena-0.8.8+dfsg/code/game/g_killspree.h:53:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sound2Play[ MAX_STRING_CHARS ];
data/openarena-0.8.8+dfsg/code/game/g_killspree.h:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char killMsg[ MAX_STRING_CHARS ];
data/openarena-0.8.8+dfsg/code/game/g_killspree.h:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sound2Play[ MAX_STRING_CHARS ];
data/openarena-0.8.8+dfsg/code/game/g_local.h:257:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char netname[MAX_NETNAME];
data/openarena-0.8.8+dfsg/code/game/g_local.h:293:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char guid[ 33 ];
data/openarena-0.8.8+dfsg/code/game/g_local.h:294:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip[ 40 ];
data/openarena-0.8.8+dfsg/code/game/g_local.h:471:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voteString[MAX_STRING_CHARS];
data/openarena-0.8.8+dfsg/code/game/g_local.h:472:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voteDisplayString[MAX_STRING_CHARS];
data/openarena-0.8.8+dfsg/code/game/g_local.h:482:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamVoteString[2][MAX_STRING_CHARS];
data/openarena-0.8.8+dfsg/code/game/g_local.h:491:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *spawnVars[MAX_SPAWN_VARS][2]; // key / value pairs
data/openarena-0.8.8+dfsg/code/game/g_local.h:493:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spawnVarChars[MAX_SPAWN_VARS_CHARS];
data/openarena-0.8.8+dfsg/code/game/g_local.h:533:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char domination_points_names[MAX_DOMINATION_POINTS][MAX_DOMINATION_POINTS_NAMES];
data/openarena-0.8.8+dfsg/code/game/g_local.h:941:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char mapname[MAPS_PER_PAGE][MAX_MAPNAME];
data/openarena-0.8.8+dfsg/code/game/g_local.h:945:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char votename[MAX_CUSTOMNAME]; //Used like "/callvote custom VOTENAME"
data/openarena-0.8.8+dfsg/code/game/g_local.h:946:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char displayname[MAX_CUSTOMDISPLAYNAME]; //Displayed during voting
data/openarena-0.8.8+dfsg/code/game/g_local.h:947:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char command[MAX_CUSTOMCOMMAND]; //The command executed
data/openarena-0.8.8+dfsg/code/game/g_local.h:950:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char custom_vote_info[1024];
data/openarena-0.8.8+dfsg/code/game/g_local.h:966:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char characterfile[MAX_FILEPATH];
data/openarena-0.8.8+dfsg/code/game/g_local.h:968:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char team[MAX_FILEPATH];
data/openarena-0.8.8+dfsg/code/game/g_local.h:1184:59: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void trap_AdjustAreaPortalState( gentity_t *ent, qboolean open );
data/openarena-0.8.8+dfsg/code/game/g_main.c:461:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024];
data/openarena-0.8.8+dfsg/code/game/g_main.c:472:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024];
data/openarena-0.8.8+dfsg/code/game/g_main.c:538:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1024];
data/openarena-0.8.8+dfsg/code/game/g_main.c:734:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverinfo[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/g_main.c:910:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024];
data/openarena-0.8.8+dfsg/code/game/g_main.c:921:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024];
data/openarena-0.8.8+dfsg/code/game/g_main.c:1510:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nextmap[MAX_STRING_CHARS];
data/openarena-0.8.8+dfsg/code/game/g_main.c:1511:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d1[MAX_STRING_CHARS];
data/openarena-0.8.8+dfsg/code/game/g_main.c:1512:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char serverinfo[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/game/g_main.c:1537:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_FILEPATH];
data/openarena-0.8.8+dfsg/code/game/g_main.c:1548:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[4*1024]; // buffer to read file into
data/openarena-0.8.8+dfsg/code/game/g_main.c:1549:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapnames[1024][20]; // Array of mapnames in the map pool
data/openarena-0.8.8+dfsg/code/game/g_main.c:1627:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1024];
data/openarena-0.8.8+dfsg/code/game/g_main.c:2655:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
SetLeader(team, atoi(level.teamVoteString[cs_offset] + 7)); data/openarena-0.8.8+dfsg/code/game/g_mem.c:33:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char memoryPool[POOLSIZE]; data/openarena-0.8.8+dfsg/code/game/g_playerstore.c:30:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char guid[GUID_SIZE+1]; //The guid is 32 chars long data/openarena-0.8.8+dfsg/code/game/g_playerstore.c:78:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(playerstore[place2store].persistant,ps.persistant,sizeof(int[MAX_PERSISTANT])); data/openarena-0.8.8+dfsg/code/game/g_playerstore.c:79:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(playerstore[place2store].accuracy,level.clients[ps.clientNum].accuracy, sizeof(playerstore[0].accuracy) ); data/openarena-0.8.8+dfsg/code/game/g_playerstore.c:93:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ps->persistant,playerstore[i].persistant,sizeof(int[MAX_PERSISTANT])); data/openarena-0.8.8+dfsg/code/game/g_playerstore.c:94:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(level.clients[ps->clientNum].accuracy, playerstore[i].accuracy,sizeof(playerstore[0].accuracy) ); data/openarena-0.8.8+dfsg/code/game/g_rankings.c:1070:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/game/g_session.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_session.c:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_session.c:168:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gt = atoi( s ); data/openarena-0.8.8+dfsg/code/game/g_spawn.c:59:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
*out = atoi( s ); data/openarena-0.8.8+dfsg/code/game/g_spawn.c:296:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cvarname[128]; data/openarena-0.8.8+dfsg/code/game/g_spawn.c:297:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char itemname[128]; data/openarena-0.8.8+dfsg/code/game/g_spawn.c:403:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *(int *)(b+f->ofs) = atoi(value); data/openarena-0.8.8+dfsg/code/game/g_spawn.c:535:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dest, string, l+1 ); data/openarena-0.8.8+dfsg/code/game/g_spawn.c:553:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyname[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_spawn.c:554:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char com_token[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[128]; data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:114:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). b[i] = atoi(num); data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:138:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iplist_final[MAX_CVAR_VALUE_STRING]; data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ip[64]; data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:242:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_CVAR_VALUE_STRING]; data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:266:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:288:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:383:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idnum = atoi( s ); data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:421:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:437:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:448:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
idnum = atoi( str ); data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:522:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[ MAX_TOKEN_CHARS ]; data/openarena-0.8.8+dfsg/code/game/g_svcmds_ext.c:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char userinfo[ MAX_INFO_STRING ]; data/openarena-0.8.8+dfsg/code/game/g_svcmds_ext.c:69:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamNum[ 2 ]; data/openarena-0.8.8+dfsg/code/game/g_svcmds_ext.c:138:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *reason, name[ MAX_STRING_CHARS ]; data/openarena-0.8.8+dfsg/code/game/g_svcmds_ext.c:149:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if( atoi( name ) == -1 ) data/openarena-0.8.8+dfsg/code/game/g_svcmds_ext.c:183:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ MAX_STRING_CHARS ], userinfo[ MAX_INFO_STRING ]; data/openarena-0.8.8+dfsg/code/game/g_svcmds_ext.c:184:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[ BIG_INFO_KEY ], value[ BIG_INFO_VALUE ]; data/openarena-0.8.8+dfsg/code/game/g_svcmds_ext.c:238:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[ 5 ]; data/openarena-0.8.8+dfsg/code/game/g_syscalls.c:171:59: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void trap_AdjustAreaPortalState( gentity_t *ent, qboolean open ) { data/openarena-0.8.8+dfsg/code/game/g_syscalls.c:172:44: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
syscall( G_ADJUST_AREA_PORTAL_STATE, ent, open ); data/openarena-0.8.8+dfsg/code/game/g_target.c:199:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/game/g_team.c:120:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024]; data/openarena-0.8.8+dfsg/code/game/g_team.c:261:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char st[4]; data/openarena-0.8.8+dfsg/code/game/g_team.c:1695:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[1024]; data/openarena-0.8.8+dfsg/code/game/g_team.c:1696:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[8192]; data/openarena-0.8.8+dfsg/code/game/g_utils.c:28:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldShader[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/game/g_utils.c:29:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newShader[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/game/g_utils.c:58:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buff[MAX_STRING_CHARS*4]; data/openarena-0.8.8+dfsg/code/game/g_utils.c:59:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out[(MAX_QPATH * 2) + 5]; data/openarena-0.8.8+dfsg/code/game/g_utils.c:86:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/game/g_utils.c:305:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char str[8][32]; data/openarena-0.8.8+dfsg/code/game/g_vote.c:33:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempStr[MAX_VOTENAME_LENGTH]; data/openarena-0.8.8+dfsg/code/game/g_vote.c:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voteNames[MAX_CVAR_VALUE_STRING]; data/openarena-0.8.8+dfsg/code/game/g_vote.c:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_MAPNAME_BUFFER]; data/openarena-0.8.8+dfsg/code/game/g_vote.c:132:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_MAPS_TEXT]; data/openarena-0.8.8+dfsg/code/game/g_vote.c:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempStr[MAX_GAMETYPENAME_LENGTH]; data/openarena-0.8.8+dfsg/code/game/g_vote.c:179:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char voteGametypes[MAX_CVAR_VALUE_STRING]; data/openarena-0.8.8+dfsg/code/game/g_vote.c:238:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char custom_vote_info[1024]; data/openarena-0.8.8+dfsg/code/game/g_vote.c:249:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[4*1024]; data/openarena-0.8.8+dfsg/code/game/g_vote.c:293:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[4*1024]; data/openarena-0.8.8+dfsg/code/game/g_vote.c:295:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_addbots.c:76:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char botnames[7][32]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_addbots.c:263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_addbots.c:266:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gametype = atoi( Info_ValueForKey( info,"g_gametype" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_atoms.c:35:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_atoms.c:46:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_atoms.c:577:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_atoms.c:778:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[2]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_atoms.c:935:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_atoms.c:944:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_atoms.c:1050:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mappage.pagenumber = atoi(UI_Argv( 1 )); data/openarena-0.8.8+dfsg/code/q3_ui/ui_challenges.c:64:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entryIntString[MAX_ENTRIES][MAX_INT_AS_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_cinematics.c:347:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
n = atoi( UI_Argv( 1 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_connect.c:37:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char lastLoadingText[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_connect.c:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dlSizeBuf[64], totalSizeBuf[64], xferRateBuf[64], dlTimeBuf[64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_connect.c:181:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_connect.c:248:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char downloadName[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c:233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char playerModel[64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c:717:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c:718:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name2[32]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c:729:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(name,"???"); data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c:741:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( name, " or " ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c:798:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c:821:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[256]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_controls2.c:1252:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char playername[32]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_demo2.c:74:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char names[NAMEBUFSIZE]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_demo2.c:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *demolist[MAX_DEMOS]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_demo2.c:147:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *demoname, extension[32]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_demo2.c:245:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s_demos.names, "No Demos Found." 
); data/openarena-0.8.8+dfsg/code/q3_ui/ui_firstconnect.c:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:37:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *ui_botInfos[MAX_BOTS]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:40:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *ui_arenaInfos[MAX_ARENAS]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:45:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char memoryPool[POOLSIZE]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:88:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char info[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:121:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy( token, "<NULL>" );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:143:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_ARENAS_TEXT];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:171:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[128];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:172:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirlist[20*1024];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:195:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(filename, "scripts/");
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:280:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if( *value && atoi(value) == num ) {
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:332:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_BOTS_TEXT];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:361:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[128];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:362:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirlist[1024];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:382:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(filename, "scripts/");
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:440:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char arenaKey[16];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:441:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scores[MAX_INFO_VALUE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:458:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  skillScore = atoi( Info_ValueForKey( scores, arenaKey ) );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:485:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char arenaKey[16];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:486:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scores[MAX_INFO_VALUE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:504:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  oldScore = atoi( Info_ValueForKey( scores, arenaKey ) );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:521:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[16];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:522:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char awardData[MAX_INFO_VALUE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:537:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  oldValue = atoi( Info_ValueForKey( awardData, key ) );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:550:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[16];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:551:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char awardData[MAX_INFO_VALUE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:556:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return atoi( Info_ValueForKey( awardData, key ) );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:578:19: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if( levelWon == atoi( Info_ValueForKey( info, "num" ) ) ) {
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:582:28: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if( !info || levelWon == atoi( Info_ValueForKey( info, "num" ) ) ) {
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:604:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[16];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:605:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char videos[MAX_INFO_VALUE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:614:6: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if( atoi( Info_ValueForKey( videos, key ) ) ) {
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:631:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[16];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:632:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char videos[MAX_INFO_VALUE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:645:6: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if( atoi( Info_ValueForKey( videos, key ) ) ) {
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:668:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  level = atoi( Info_ValueForKey( info, "num" ) );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:686:9: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return atoi( Info_ValueForKey( info, "num" ) );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:754:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char arenaKey[16];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:755:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scores[MAX_INFO_VALUE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:787:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[16];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:788:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char awardData[MAX_INFO_VALUE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_ingame.c:168:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char info[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_ingame.c:242:10: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  team = atoi( Info_ValueForKey( info, "t" ) );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_ingame.c:259:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if( atoi( Info_ValueForKey(info,"g_allowVote") )==0 || trap_Cvar_VariableValue("g_gametype")==GT_SINGLE_PLAYER ) {
data/openarena-0.8.8+dfsg/code/q3_ui/ui_loadconfig.c:72:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char names[NAMEBUFSIZE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_loadconfig.c:213:3: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(s_configs.names,"No Files Found.");
data/openarena-0.8.8+dfsg/code/q3_ui/ui_local.h:229:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[MAX_EDIT_LINE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_local.h:302:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mapname[10][MAX_MAPNAME_LENGTH];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_menu.c:70:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorMessage[4096];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_menu.c:255:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirlist[2048];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c:39:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[MAX_STRING_CHARS];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c:65:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( str, edit->buffer + prestep, drawLen );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c:117:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pasteBuffer[64];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:53:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char description[NAMEBUFSIZE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:54:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fs_game[GAMEBUFSIZE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:59:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *descriptionList[MAX_MODS];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:60:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *fs_gameList[MAX_MODS];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:118:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:152:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirlist[2048];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_password.c:62:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char servername[32];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:98:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelnames[MAX_PLAYERMODELS][128];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:101:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelskin[64];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:392:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dirlist[2048];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:393:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filelist[2048];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:394:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char skinname[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:461:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelskin[64];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:527:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char playername[32];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:528:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char modelname[32];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:529:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char skinname[32];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:55:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char path[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:93:3: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( path, "_barrel.md3" );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:99:2: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat( path, "_flash.md3" );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:903:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:934:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[20000];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:1002:30: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].firstFrame = atoi( token );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:1015:29: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].numFrames = atoi( token );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:1021:30: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  animations[i].loopFrames = atoi( token );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:1050:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char modelName[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:1051:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char skinName[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_players.c:1052:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playersettings.c:73:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char playerModel[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playersettings.c:120:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[32];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_playersettings.c:256:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_qmenu.c:136:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[512];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_rankings.c:194:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char password[MAX_EDIT_LINE];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_removebots.c:75:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char botnames[7][32];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_removebots.c:89:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char info[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_removebots.c:186:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char info[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_removebots.c:189:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numPlayers = atoi( Info_ValueForKey( info, "sv_maxclients" ) );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_removebots.c:195:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  isBot = atoi( Info_ValueForKey( info, "skill" ) );
data/openarena-0.8.8+dfsg/code/q3_ui/ui_saveconfig.c:78:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char configname[MAX_QPATH];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_serverinfo.c:50:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char info[MAX_INFO_STRING];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_serverinfo.c:66:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char adrstr[128];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_serverinfo.c:67:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char serverbuff[128];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_serverinfo.c:129:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char key[MAX_INFO_KEY];
data/openarena-0.8.8+dfsg/code/q3_ui/ui_serverinfo.c:130:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_serverinfo.c:189:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MAX_INFO_KEY]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_serverinfo.c:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:186:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adrstr[MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:191:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adrstr[MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:192:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char hostname[MAX_HOSTNAMELENGTH+3]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:193:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_MAPNAMELENGTH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:200:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gamename[16]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:209:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[MAX_LISTBOXWIDTH+64]; // +60 gives room for color codes... Sago: I need four more data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:253:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char favoriteaddresses[MAX_FAVORITESERVERS][MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:416:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char picname[64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:533:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( g_arenaservers.status.string,"Scanning For Servers." ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:550:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(g_arenaservers.status.string,"No Response From Master Server." ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:553:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(g_arenaservers.status.string,"No Servers Found." ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:781:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &g_arenaservers.favoriteaddresses[i], &g_arenaservers.favoriteaddresses[i+1], (g_arenaservers.numfavoriteaddresses - i - 1)* MAX_ADDRESSLENGTH ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:798:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &g_favoriteserverlist[i], &g_favoriteserverlist[i+1], (g_numfavoriteservers - i - 1)*sizeof(servernode_t)); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:848:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servernodeptr->numclients = atoi( Info_ValueForKey( info, "clients") ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:849:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servernodeptr->humanclients = atoi( Info_ValueForKey( info, "g_humanplayers") ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:850:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servernodeptr->needPass = atoi( Info_ValueForKey( info, "g_needpass") ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:851:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servernodeptr->maxclients = atoi( Info_ValueForKey( info, "sv_maxclients") ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:853:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
servernodeptr->minPing = atoi( Info_ValueForKey( info, "minPing") ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:854:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servernodeptr->maxPing = atoi( Info_ValueForKey( info, "maxPing") ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:872:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). servernodeptr->nettype = atoi(Info_ValueForKey(info, "nettype")); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:875:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi( Info_ValueForKey( info, "gametype") ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:904:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:937:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char emptyinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:938:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adrstr[MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:946:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( templist, g_favoriteserverlist, sizeof(servernode_t)*MAX_FAVORITESERVERS ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:978:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &g_favoriteserverlist[g_numfavoriteservers], &templist[j], sizeof(servernode_t) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1046:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adrstr[MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1047:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1191:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char myargs[32], protocol[32]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1226:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( myargs, " ffa" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1230:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( myargs, " team" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1234:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( myargs, " tourney" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1238:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( myargs, " ctf" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1242:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( myargs, " elimination" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1246:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( myargs, " ctfelimination" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1250:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( myargs, " lms" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1254:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( myargs, " dd" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1258:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( myargs, " dom" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1264:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(myargs, " empty"); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1268:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(myargs, " full"); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1324:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char masterstr[2], cvarname[sizeof("sv_master1")]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1376:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(g_arenaservers.status.string,"hit refresh to update"); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1541:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char statusbuffer[MAX_STATUSLENGTH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sparena.c:36:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). level = atoi( Info_ValueForKey( arenaInfo, "num" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyleague.c:63:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char playername[80]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyleague.c:85:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[MAX_LISTBOXWIDTH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyleague.c:86:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char leaguename[MAX_LEAGUENAME]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyleague.c:90:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *leaguename_items[MAX_LISTBOXITEMS]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyleague.c:106:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_LEAGUENAME]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyserver.c:71:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[256]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:93:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char levelPicNames[4][MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:94:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char levelNames[4][16]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:101:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char playerModel[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char playerPicName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:108:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char botNames[7][10]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:130:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:155:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char iconName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:171:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bots[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:225:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:274:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). level = atoi( Info_ValueForKey( arenaInfo, "num" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:295:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
level = atoi( Info_ValueForKey( arenaInfo, "num" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:545:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:546:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:721:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:923:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi( buf ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_splevel.c:950:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
trainingLevel = atoi( Info_ValueForKey( arenaInfo, "num" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:64:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char placeNames[3][64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:78:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char arenainfo[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:215:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[16]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:268:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:269:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:301:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:304:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). serverId = atoi( Info_ValueForKey( info, "sv_serverid" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:482:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:483:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:511:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char map[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:512:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:517:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). postgameMenuInfo.serverId = atoi( Info_ValueForKey( info, "sv_serverid" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:527:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). postgameMenuInfo.level = atoi( Info_ValueForKey( arenainfo, "num" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:529:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). postgameMenuInfo.numClients = atoi( UI_Argv( 1 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:530:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). playerClientNum = atoi( UI_Argv( 2 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:538:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). postgameMenuInfo.clientNums[n] = atoi( UI_Argv( 8 + n * 3 + 1 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:539:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). postgameMenuInfo.ranks[n] = atoi( UI_Argv( 8 + n * 3 + 2 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:540:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). postgameMenuInfo.scores[n] = atoi( UI_Argv( 8 + n * 3 + 3 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:550:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
awardValues[AWARD_ACCURACY] = atoi( UI_Argv( 3 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:551:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). awardValues[AWARD_IMPRESSIVE] = atoi( UI_Argv( 4 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:552:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). awardValues[AWARD_EXCELLENT] = atoi( UI_Argv( 5 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:553:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). awardValues[AWARD_GAUNTLET] = atoi( UI_Argv( 6 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:554:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). awardValues[AWARD_FRAGS] = atoi( UI_Argv( 7 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:555:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). awardValues[AWARD_PERFECT] = atoi( UI_Argv( 8 ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:240:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char picname[MAX_MAPSPERPAGE][64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:242:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[MAX_NAMELENGTH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:283:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s_startserver.mapname.string, "NO MAPS FOUND" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:471:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char mapnamebuffer[64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:655:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char picname[64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:656:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapname[ MAX_NAMELENGTH ]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:753:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mapnamebuffer[32]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:754:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char playerNameBuffers[PLAYER_SLOTS][16]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:758:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newBotName[16]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:858:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:861:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). timelimit = atoi( s_serveroptions.timelimit.field.buffer ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:862:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fraglimit = atoi( s_serveroptions.fraglimit.field.buffer ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:863:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). flaglimit = atoi( s_serveroptions.flaglimit.field.buffer ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1297:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bots[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1369:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy( s_serveroptions.playerNameBuffers[n], "Grunt" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1372:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s_serveroptions.playerNameBuffers[n], "Merman" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1375:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s_serveroptions.playerNameBuffers[n], "Kyonshi" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1378:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( s_serveroptions.playerNameBuffers[n], "Skelebot" ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1402:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char picname[64]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1926:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char boticons[MAX_MODELSPERPAGE][MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1927:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char botnames[MAX_MODELSPERPAGE][16]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1988:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_team.c:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_team.c:166:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gametype = atoi( Info_ValueForKey( info,"g_gametype" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c:60:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *bots[9]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char botNames[9][16]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c:345:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c:407:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c:419:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). numPlayers = atoi( Info_ValueForKey( info, "sv_maxclients" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c:420:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
teamOrdersMenuInfo.gametype = atoi( Info_ValueForKey( info, "g_gametype" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c:430:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). isBot = atoi( Info_ValueForKey( info, "skill" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c:535:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c:540:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). teamOrdersMenuInfo.gametype = atoi( Info_ValueForKey( info, "g_gametype" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_teamorders.c:548:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). team = atoi( Info_ValueForKey( info, "t" ) ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:59:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char stringbuff[1024]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:327:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *builtinResolutions[ ] = data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:344:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *knownRatios[ ][2] = data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:359:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ratioBuf[ MAX_RESOLUTIONS ][ 8 ]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:363:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char resbuf[ MAX_STRING_CHARS ]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:431:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[ sizeof(ratioBuf[0]) ]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:438:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). w = atoi( str ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:439:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). h = atoi( x ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:674:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char w[ 16 ], h[ 16 ]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:850:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu.c:447:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu.c:450:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
s_votemenu.g_doWarmupEnabled = atoi(Info_ValueForKey(serverinfo,"g_doWarmup")); data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_custom.c:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[CUSTOM_MENU_MAX_ENTRIES][32]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_custom.c:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char custominfo[MAX_INFO_STRING], *token,*pointer; data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_fraglimit.c:264:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_fraglimit.c:268:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). s_votemenu_fraglmit.min = atoi(Info_ValueForKey(serverinfo,"g_voteMinFraglimit")); data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_fraglimit.c:269:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). s_votemenu_fraglmit.max = atoi(Info_ValueForKey(serverinfo,"g_voteMaxFraglimit")); data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_gametype.c:328:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverinfo[MAX_INFO_STRING], *gametypeinfo; data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_kick.c:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[SIZE_OF_NAME]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_kick.c:84:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char playerinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_timelimit.c:263:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serverinfo[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_timelimit.c:267:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). s_votemenu_Timelmit.min = atoi(Info_ValueForKey(serverinfo,"g_voteMinTimelimit")); data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_timelimit.c:268:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). s_votemenu_Timelmit.max = atoi(Info_ValueForKey(serverinfo,"g_voteMaxTimelimit")); data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:108:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldPath[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:274:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char com_token[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:275:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char com_parsename[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:297:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:309:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[4096]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:529:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:562:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( token, "<NULL>" ); data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:947:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char bigbuffer[32000]; // big, but small enough to fit in PPC stack data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:977:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char string[2][32000]; // in case va is called by nested functions data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1030:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[BIG_INFO_KEY]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1031:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char value[2][BIG_INFO_VALUE]; // use two buffers so compares data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[MAX_INFO_KEY]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1128:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char value[MAX_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1183:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pkey[BIG_INFO_KEY]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1184:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char value[BIG_INFO_VALUE]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1260:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newi[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1300:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newi[BIG_INFO_STRING]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:303:20: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define Com_Memcpy memcpy data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:662:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char string[MAX_TOKENLENGTH]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:862:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[MAX_CVAR_VALUE_STRING]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:1005:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stringData[MAX_GAMESTATE_CHARS]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:1245:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shaderName[32]; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.h:1251:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/qcommon/qcommon.h:710:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_EDIT_LINE]; data/openarena-0.8.8+dfsg/code/qcommon/qcommon.h:726:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char cl_cdkey[34]; data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:99:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:103:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // tag name data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:121:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // polyset name data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:161:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_QPATH]; // model name data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:210:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // polyset name data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:211:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:254:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // model name data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:314:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // polyset name data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:315:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:345:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:350:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char Comp[24]; // MC_COMP_BYTES is in MatComp.h, but don't want to couple data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:368:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:375:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_QPATH]; // model name data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:490:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/qcommon/qfiles.h:535:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char shader[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/renderer/tr_types.h:134:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_RENDER_STRINGS][MAX_RENDER_STRING_LENGTH]; data/openarena-0.8.8+dfsg/code/renderer/tr_types.h:179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char renderer_string[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/renderer/tr_types.h:180:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vendor_string[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/renderer/tr_types.h:181:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version_string[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/renderer/tr_types.h:182:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char extensions_string[BIG_INFO_STRING]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:44:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char com_token[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:48:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char archivedir[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:60:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ex_argv[MAX_EX_ARGC]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filebase[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:120:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text2[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:180:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[4096]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:217:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char qdir[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:218:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char gamedir[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:219:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char writedir[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:223:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:300:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char full[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:314:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char full[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:327:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char full[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:341:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char archivename[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:642:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[MAX_PATH]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:649:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return fopen(fn, mode); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:722:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)buffer)[length] = 0; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:782:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. ((char *)buffer)[length] = 0; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:829:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:884:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dest, path, src-path); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:965:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return atol (str); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:1087:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:1107:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dir, path, ofs - path ); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.h:49:28: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #pragma intrinsic( memset, memcpy ) data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.h:82:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char qdir[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.h:83:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char gamedir[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.h:84:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char writedir[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.h:121:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char com_token[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.h:135:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern char archivedir[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:31:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outputFilename[MAX_OS_PATH]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:190:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *asmFiles[MAX_ASM_FILES]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:191:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *asmFileNames[MAX_ASM_FILES]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:208:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lineBuffer[MAX_LINE_LENGTH]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:210:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char token[MAX_LINE_LENGTH]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:538:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expanded[MAX_LINE_LENGTH]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:593:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expanded[MAX_LINE_LENGTH]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:667:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( lineBuffer, data, (p - data) ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:731:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sym[MAX_LINE_LENGTH]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:741:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( sym, token, i ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:764:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( sym, token+i+1, j-i-1 ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:921:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1066:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[1024]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1316:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imageName[MAX_OS_PATH]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1321:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat( imageName, ".map" ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1346:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imageName[MAX_OS_PATH]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1355:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat( imageName, ".qvm" ); data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1426:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_OS_PATH]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1492:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expanded[MAX_OS_PATH]; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:1550:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( outputFilename, "q3asm" ); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:34:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[1024]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:96:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:105:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:150:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char gameList[4096]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:219:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char map[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:220:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:230:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). game = atoi(Info_ValueForKey(info, "g_gametype")); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:246:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.accuracy = atoi(UI_Argv(3)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:247:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.impressives = atoi(UI_Argv(4)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:248:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.excellents = atoi(UI_Argv(5)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:249:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.defends = atoi(UI_Argv(6)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:250:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.assists = atoi(UI_Argv(7)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:251:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.gauntlets = atoi(UI_Argv(8)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:252:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.baseScore = atoi(UI_Argv(9)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:253:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.perfects = atoi(UI_Argv(10)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:254:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.redScore = atoi(UI_Argv(11)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:255:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.blueScore = atoi(UI_Argv(12)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:256:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time = atoi(UI_Argv(13)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:257:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newInfo.captures = atoi(UI_Argv(14)); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:346:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader1[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:347:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader2[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:348:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shader3[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:36:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char *ui_botInfos[MAX_BOTS]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:39:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
static char *ui_arenaInfos[MAX_ARENAS]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:54:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[MAX_TOKEN_CHARS]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:88:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( token, "<NULL>" ); data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:110:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_ARENAS_TEXT]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:138:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[1024]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:161:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(filename, "scripts/"); data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_BOTS_TEXT]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[1024]; data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:284:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(filename, "scripts/"); data/openarena-0.8.8+dfsg/code/ui/ui_local.h:229:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_EDIT_LINE]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:663:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *teamMembers[TEAM_MEMBERS]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:690:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *maps[MAPS_PER_TIER]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:701:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adrstr[MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:732:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char motd[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:737:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char adrstr[MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:738:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:750:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char address[MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:751:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *lines[MAX_SERVERSTATUS_LINES][4]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:752:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[MAX_SERVERSTATUS_TEXT]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:753:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pings[MAX_CLIENTS * 3]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:796:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char playerNames[MAX_CLIENTS][MAX_NAME_LENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:797:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamNames[MAX_CLIENTS][MAX_NAME_LENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:813:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *demoList[MAX_DEMOS]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:817:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *movieList[MAX_MOVIES]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:825:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char serverStatusAddress[MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:831:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char findPlayerName[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:832:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char foundPlayerServerAddresses[MAX_FOUNDPLAYER_SERVERS][MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:833:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char foundPlayerServerNames[MAX_FOUNDPLAYER_SERVERS][MAX_ADDRESSLENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_local.h:843:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char q3HeadNames[MAX_PLAYERMODELS][64]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:382:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&newColor[0], &color[0], sizeof(vec4_t)); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:451:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&newColor[0], &color[0], sizeof(vec4_t)); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:686:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[MAX_MENUFILE]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:995:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lastName[1024]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1283:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1284:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char team[256]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1285:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char head[256]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1325:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1326:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char team[256]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1327:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char head[256]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1535:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1536:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headmodel[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1537:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char team[256]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1564:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char model[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1565:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char headmodel[MAX_QPATH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1566:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char team[256]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1875:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_INFO_STRING]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1880:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). uiInfo.teamLeader = atoi(Info_ValueForKey(info, "tl")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1881:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). team = atoi(Info_ValueForKey(info, "t")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1883:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). count = atoi( Info_ValueForKey( info, "sv_maxclients" ) ); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1894:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). team2 = atoi(Info_ValueForKey(info, "t")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:1939:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[64]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2015:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2016:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *lines[64]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2906:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[2048]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2936:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teamList[4096]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2960:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char movielist[4096]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2992:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char demolist[4096]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2993:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char demoExt[32]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3037:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3247:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3320:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out[17]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3501:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3502:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[MAX_NAME_LENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3527:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[MAX_NAME_LENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3537:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAX_NAME_LENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3538:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char addr[MAX_NAME_LENGTH]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3663:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test[1024]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3821:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3837:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(uiInfo.serverStatus.motd, "Welcome to Team Arena!"); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3880:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clients = atoi(Info_ValueForKey(info, "g_humanplayers")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3882:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clients = atoi(Info_ValueForKey(info, "clients")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3893:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maxClients = atoi(Info_ValueForKey(info, "sv_maxclients")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3901:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). game = atoi(Info_ValueForKey(info, "gametype")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4116:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAX_NAME_LENGTH+2]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char infoString[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4372:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4373:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char hostname[1024]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4374:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char clientBuff[32]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4396:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ping = atoi(Info_ValueForKey(info, "ping")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4409:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). netnames[atoi(Info_ValueForKey(info, "nettype"))] ); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4422:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). game = atoi(Info_ValueForKey(info, "gametype")); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4506:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char info[MAX_STRING_CHARS]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5043:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirlist[2048]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5044:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filelist[2048]; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5045:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char skinname[MAX_QPATH];

data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5046:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char scratch[256];

data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5319:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[256];

data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5397:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char lastLoadingText[MAX_INFO_VALUE];

data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5438:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buf[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5496:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char dlSizeBuf[64], totalSizeBuf[64], xferRateBuf[64], dlTimeBuf[64];

data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5571:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char info[MAX_INFO_VALUE];

data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5572:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char text[256];

data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5628:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char downloadName[MAX_INFO_VALUE];

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char path[MAX_QPATH];

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:94:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
strcat( path, "_barrel.md3" );

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:100:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
strcat( path, "_flash.md3" );

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:1209:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char filename[MAX_QPATH*2];

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:1265:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char text[20000];

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:1335:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
animations[i].firstFrame = atoi( token );

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:1348:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
animations[i].numFrames = atoi( token );

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:1354:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
animations[i].loopFrames = atoi( token );

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:1382:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char modelName[MAX_QPATH];

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:1383:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char skinName[MAX_QPATH];

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:1384:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char headModelName[MAX_QPATH];

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:1385:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char headSkinName[MAX_QPATH];

data/openarena-0.8.8+dfsg/code/ui/ui_players.c:1386:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char filename[MAX_QPATH];

data/openarena-0.8.8+dfsg/code/ui/ui_public.h:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char servername[MAX_STRING_CHARS];

data/openarena-0.8.8+dfsg/code/ui/ui_public.h:33:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char updateInfoString[MAX_STRING_CHARS];

data/openarena-0.8.8+dfsg/code/ui/ui_public.h:34:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char messageString[MAX_STRING_CHARS];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:83:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char memoryPool[MEM_POOL_SIZE];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:157:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char strPool[STRING_POOL_SIZE];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:256:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char filename[128];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:258:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char string[4096];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:278:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char filename[128];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:280:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static char string[4096];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:402:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
*i = atoi(token);

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:508:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char script[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:1113:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&item->window.rectClient, &rectFrom, sizeof(rectDef_t));

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:1114:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&item->window.rectEffects, &rectTo, sizeof(rectDef_t));

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:1265:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char script[1024], *p;

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:1301:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char script[1024], *p;

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:1304:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buff[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:1950:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buff[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:1976:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buff[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2030:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buff[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2780:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buff[256];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2820:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(newColor, &item->window.foreColor, sizeof(vec4_t));

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2826:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(newColor, &parent->disableColor, sizeof(vec4_t));

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2832:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char text[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2834:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buff[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2905:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char text[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2907:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buff[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2950:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char text[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3025:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buff[1024];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3048:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&newColor, &item->window.foreColor, sizeof(vec4_t));

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3075:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&newColor, &item->window.foreColor, sizeof(vec4_t));

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3098:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&newColor, &item->window.foreColor, sizeof(vec4_t));

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char b[256];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3347:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char g_nameBind1[32];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3348:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char g_nameBind2[32];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3369:6: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
strcat( g_nameBind1, " or " );

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3375:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy(g_nameBind1, "???");

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3392:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&newColor, &item->window.foreColor, sizeof(vec4_t));

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:3436:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&newColor, &item->window.foreColor, sizeof(vec4_t));

data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:5021:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&item->colorRanges[item->numColors], &color, sizeof(color));

data/openarena-0.8.8+dfsg/code/ui/ui_shared.h:110:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
const char *args[MAX_SCRIPT_ARGS];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.h:201:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
const char *cvarList[MAX_MULTI_CVARS];

data/openarena-0.8.8+dfsg/code/ui/ui_shared.h:202:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
const char *cvarStr[MAX_MULTI_CVARS];

data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:64:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);

data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:101:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);

data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:149:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);

data/openarena-0.8.8+dfsg/code/cgame/cg_draw.c:246:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(num);

data/openarena-0.8.8+dfsg/code/cgame/cg_event.c:208:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (message && strlen(targetName)) {

data/openarena-0.8.8+dfsg/code/cgame/cg_main.c:1345:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(cg.spectatorList);

data/openarena-0.8.8+dfsg/code/cgame/cg_newdraw.c:1242:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(text);

data/openarena-0.8.8+dfsg/code/cgame/cg_players.c:668:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
strcat( teamname, "/" );

data/openarena-0.8.8+dfsg/code/cgame/cg_scoreboard.c:524:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
CG_DrawStringExt( 632 - GIANT_WIDTH * strlen(s), y, s, color, qtrue, qtrue, GIANT_WIDTH, GIANT_HEIGHT, 0 );

data/openarena-0.8.8+dfsg/code/cgame/cg_scoreboard.c:530:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
CG_DrawStringExt( 632 - GIANT_WIDTH * strlen(s), y, s, color, qtrue, qtrue, GIANT_WIDTH, GIANT_HEIGHT, 0 );

data/openarena-0.8.8+dfsg/code/cgame/cg_scoreboard.c:546:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
CG_DrawStringExt( 632 - GIANT_WIDTH * strlen(s), y, s, color, qtrue, qtrue, GIANT_WIDTH, GIANT_HEIGHT, 0 );

data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:192:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(temp)<1)

data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:457:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(originalShader, o, n-o);

data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:462:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(newShader, n, t-n);

data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:470:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(timeOffset, t, o-t);

data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:959:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(headModelVoiceChat[i].headmodel)) {

data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:975:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(voiceChatLists[i].name)) {

data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:979:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(headModelVoiceChat[j].headmodel)) {

data/openarena-0.8.8+dfsg/code/cgame/cg_servercmds.c:997:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(headModelVoiceChat[j].headmodel)) {

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:80:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:80:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:107:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:107:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:135:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:135:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:165:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:165:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:199:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:199:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:235:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:235:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue;

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:268:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(mapname, Info_ValueForKey( info, "mapname" ), sizeof(mapname)-1);

data/openarena-0.8.8+dfsg/code/game/ai_chat.c:750:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
else strcpy(name, "");

data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:170:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(goalname)) return qfalse;

data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:304:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf)) {

data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:419:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name)) {

data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:427:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name)) {

data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1211:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(bs->subteam, teammate, 32);

data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1233:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bs->subteam))

data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1240:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
strcpy(bs->subteam, "");

data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1254:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(bs->subteam)) {

data/openarena-0.8.8+dfsg/code/game/ai_cmd.c:1404:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
strncpy(bs->teamleader, teammate, sizeof(bs->teamleader));

data/openarena-0.8.8+dfsg/code/game/ai_dmnet.c:790:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(buf, ""); data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1511:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(name, Info_ValueForKey(buf, "n"), size-1); data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1530:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(skin, Info_ValueForKey(buf, "model"), size-1); data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1609:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(ptr, ptr+1, strlen(ptr+1)+1); data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1615:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (str2 > str1) memmove(str1, str2+1, strlen(str2+1)+1); data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1616:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else memmove(str2, str1+1, strlen(str1+1)+1); data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1621:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(name, name+2, strlen(name+2)+1); data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1636:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memmove(ptr, ptr+1, strlen(ptr + 1)+1); data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:1639:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, name, size-1); data/openarena-0.8.8+dfsg/code/game/ai_dmq3.c:3792:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mapname, Info_ValueForKey( info, "mapname" ), sizeof(mapname)-1); data/openarena-0.8.8+dfsg/code/game/ai_main.c:409:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_main.c:409:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_main.c:422:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_main.c:422:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_main.c:572:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) data/openarena-0.8.8+dfsg/code/game/ai_main.c:572:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) data/openarena-0.8.8+dfsg/code/game/ai_main.c:656:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(bot_interbreedwrite.string)) { data/openarena-0.8.8+dfsg/code/game/ai_main.c:673:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(bot_interbreedchar.string)) return; data/openarena-0.8.8+dfsg/code/game/ai_main.c:1027:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(args, args+1, strlen(args)); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1028:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). args[strlen(args)-1] = '\0'; data/openarena-0.8.8+dfsg/code/game/ai_main.c:1033:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(args, args+1, strlen(args)); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1034:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
args[strlen(args)-1] = '\0'; data/openarena-0.8.8+dfsg/code/game/ai_main.c:1039:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(args, args+1, strlen(args)); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1040:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). args[strlen(args)-1] = '\0'; data/openarena-0.8.8+dfsg/code/game/ai_main.c:1617:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf)) strcpy(buf, "8"); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1617:20: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if (!strlen(buf)) strcpy(buf, "8"); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1623:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) trap_BotLibVarSet("sv_mapChecksum", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1626:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) trap_BotLibVarSet("max_aaslinks", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1629:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(buf)) trap_BotLibVarSet("max_levelitems", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1632:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf)) strcpy(buf, "0"); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1632:20: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if (!strlen(buf)) strcpy(buf, "0"); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1640:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) trap_BotLibVarSet("nochat", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1643:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) trap_BotLibVarSet("bot_visualizejumppads", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1646:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) trap_BotLibVarSet("forceclustering", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1649:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) trap_BotLibVarSet("forcereachability", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1652:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(buf)) trap_BotLibVarSet("forcewrite", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1655:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) trap_BotLibVarSet("aasoptimize", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1658:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) trap_BotLibVarSet("saveroutingcache", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1661:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf)) strcpy(buf, "0"); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1661:20: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if (!strlen(buf)) strcpy(buf, "0"); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1665:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) trap_BotLibVarSet("basedir", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1668:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) trap_BotLibVarSet("gamedir", buf); data/openarena-0.8.8+dfsg/code/game/ai_main.c:1671:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(buf)) trap_BotLibVarSet("homedir", buf); data/openarena-0.8.8+dfsg/code/game/ai_team.c:73:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(bs->teamleader)) return qfalse; data/openarena-0.8.8+dfsg/code/game/ai_team.c:95:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:95:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:153:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:153:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:203:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:203:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1058:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:1058:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(buf) || !strlen(Info_ValueForKey(buf, "n"))) continue; data/openarena-0.8.8+dfsg/code/game/ai_team.c:2141:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(bs->teamleader, netname, sizeof(bs->teamleader)); data/openarena-0.8.8+dfsg/code/game/bg_lib.c:187:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t strlen( const char *string ) { data/openarena-0.8.8+dfsg/code/game/bg_lib.c:332:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). char *strncpy( char *strDest, const char *strSource, size_t count ) { data/openarena-0.8.8+dfsg/code/game/bg_lib.h:86:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t strlen( const char *string ); data/openarena-0.8.8+dfsg/code/game/bg_lib.h:93:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
char *strncpy( char *strDest, const char *strSource, size_t count ); data/openarena-0.8.8+dfsg/code/game/g_admin.c:702:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trap_FS_Write( string, strlen( string ), f ); data/openarena-0.8.8+dfsg/code/game/g_admin.c:1870:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(g_admin_namelog[ logmatch ]->guid)==0 || strlen(g_admin_namelog[ logmatch ]->ip) ) data/openarena-0.8.8+dfsg/code/game/g_admin.c:1870:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(g_admin_namelog[ logmatch ]->guid)==0 || strlen(g_admin_namelog[ logmatch ]->ip) ) data/openarena-0.8.8+dfsg/code/game/g_admin.c:2444:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ip_match_len = strlen(ip_match); data/openarena-0.8.8+dfsg/code/game/g_admin.c:3434:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( m ) + strlen( g_bfb ) >= 1009 ) data/openarena-0.8.8+dfsg/code/game/g_admin.c:3434:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( m ) + strlen( g_bfb ) >= 1009 ) data/openarena-0.8.8+dfsg/code/game/g_arenas.c:124:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
msglen = strlen( msg ); data/openarena-0.8.8+dfsg/code/game/g_arenas.c:128:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). msglen += strlen( buf ); data/openarena-0.8.8+dfsg/code/game/g_bot.c:110:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!BG_CanAlloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1)) data/openarena-0.8.8+dfsg/code/game/g_bot.c:110:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!BG_CanAlloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1)) data/openarena-0.8.8+dfsg/code/game/g_bot.c:110:68: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!BG_CanAlloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1)) data/openarena-0.8.8+dfsg/code/game/g_bot.c:114:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). infos[count] = BG_Alloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1); data/openarena-0.8.8+dfsg/code/game/g_bot.c:114:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
infos[count] = BG_Alloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1); data/openarena-0.8.8+dfsg/code/game/g_bot.c:114:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). infos[count] = BG_Alloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1); data/openarena-0.8.8+dfsg/code/game/g_bot.c:179:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(dirptr); data/openarena-0.8.8+dfsg/code/game/g_bot.c:298:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(netname, value, sizeof(netname)-1); data/openarena-0.8.8+dfsg/code/game/g_bot.c:790:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(funname, ""); data/openarena-0.8.8+dfsg/code/game/g_bot.c:923:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(dirptr); data/openarena-0.8.8+dfsg/code/game/g_client.c:1549:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). motdLen = strlen(motd); data/openarena-0.8.8+dfsg/code/game/g_client.c:1681:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(custom_vote_info)) data/openarena-0.8.8+dfsg/code/game/g_cmds.c:98:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(entry); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:156:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(entry); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:348:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tlen = strlen( arg ); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1639:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer[strlen(buffer)-2] = 0; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1671:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer[strlen(buffer)-2] = 0; data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1834:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(arg2)<1) { data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1844:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(customvote.displayname)) data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1959:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat(arg2, " "); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1960:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trap_Argv( i, &arg2[strlen(arg2)], sizeof( arg2 ) - strlen(arg2) ); data/openarena-0.8.8+dfsg/code/game/g_cmds.c:1960:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trap_Argv( i, &arg2[strlen(arg2)], sizeof( arg2 ) - strlen(arg2) ); data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:154:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( err ) + strlen( line ) > len ) data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:154:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( err ) + strlen( line ) > len ) data/openarena-0.8.8+dfsg/code/game/g_cmds_ext.c:253:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( s2 ) < 1 ) data/openarena-0.8.8+dfsg/code/game/g_fileops.c:75:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( t ) + strlen( s ) >= size ) data/openarena-0.8.8+dfsg/code/game/g_fileops.c:75:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if( strlen( t ) + strlen( s ) >= size ) data/openarena-0.8.8+dfsg/code/game/g_fileops.c:95:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trap_FS_Write( buf, strlen( buf ), f ); data/openarena-0.8.8+dfsg/code/game/g_fileops.c:115:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trap_FS_Write( buf, strlen( buf ), f ); data/openarena-0.8.8+dfsg/code/game/g_killspree.c:229:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( output, stringToSearch, p - stringToSearch ); data/openarena-0.8.8+dfsg/code/game/g_killspree.c:232:99: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Q_snprintf( output + ( p - stringToSearch ), output - stringToSearch, "%s%s", replaceWith, p + strlen( placeHolder ) ); data/openarena-0.8.8+dfsg/code/game/g_main.c:740:76: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). G_LogPrintf("Info: ServerInfo length: %d of %d\n", strlen(serverinfo), MAX_INFO_STRING ); data/openarena-0.8.8+dfsg/code/game/g_main.c:1651:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trap_FS_Write( string, strlen( string ), level.logFile ); data/openarena-0.8.8+dfsg/code/game/g_playerstore.c:53:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(guid)<32) data/openarena-0.8.8+dfsg/code/game/g_playerstore.c:86:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(guid)<32) data/openarena-0.8.8+dfsg/code/game/g_spawn.c:347:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(string) + 1; data/openarena-0.8.8+dfsg/code/game/g_spawn.c:529:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen( string ); data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:158:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(iplist_final)+strlen(ip) < MAX_CVAR_VALUE_STRING) data/openarena-0.8.8+dfsg/code/game/g_svcmds.c:158:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(iplist_final)+strlen(ip) < MAX_CVAR_VALUE_STRING) data/openarena-0.8.8+dfsg/code/game/g_team.c:1747:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(entry); data/openarena-0.8.8+dfsg/code/game/g_vote.c:39:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(commandStr); data/openarena-0.8.8+dfsg/code/game/g_vote.c:47:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(&tempStr[1],commandStr,length); data/openarena-0.8.8+dfsg/code/game/g_vote.c:114:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). maplen = strlen(pointer); data/openarena-0.8.8+dfsg/code/game/g_vote.c:146:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(mapname); data/openarena-0.8.8+dfsg/code/game/g_vote.c:183:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(gametypeStr); data/openarena-0.8.8+dfsg/code/game/g_vote.c:190:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(&tempStr[1],gametypeStr,length); data/openarena-0.8.8+dfsg/code/q3_ui/ui_atoms.c:746:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/openarena-0.8.8+dfsg/code/q3_ui/ui_atoms.c:752:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/openarena-0.8.8+dfsg/code/q3_ui/ui_cdkey.c:94:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if( strlen( key ) != 16 ) { data/openarena-0.8.8+dfsg/code/q3_ui/ui_challenges.c:376:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(challenges.entryIntString[i],va("%u",challenges.entryInt[i]),MAX_INT_AS_STRING); data/openarena-0.8.8+dfsg/code/q3_ui/ui_connect.c:43:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf+strlen(buf), bufsize-strlen(buf), ".%02d GB", data/openarena-0.8.8+dfsg/code/q3_ui/ui_connect.c:43:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf+strlen(buf), bufsize-strlen(buf), ".%02d GB", data/openarena-0.8.8+dfsg/code/q3_ui/ui_connect.c:47:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf+strlen(buf), bufsize-strlen(buf), ".%02d MB", data/openarena-0.8.8+dfsg/code/q3_ui/ui_connect.c:47:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf+strlen(buf), bufsize-strlen(buf), ".%02d MB", data/openarena-0.8.8+dfsg/code/q3_ui/ui_demo2.c:259:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( demoname ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:126:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
infos[count] = UI_Alloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1); data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:126:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). infos[count] = UI_Alloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1); data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:126:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). infos[count] = UI_Alloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1); data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:194:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(dirptr); data/openarena-0.8.8+dfsg/code/q3_ui/ui_gameinfo.c:381:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(dirptr); data/openarena-0.8.8+dfsg/code/q3_ui/ui_loadconfig.c:227:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( configname ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_main.c:328:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(UI_Cvar_VariableString(cvar)) == 0) data/openarena-0.8.8+dfsg/code/q3_ui/ui_menu.c:225:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(s_errorMessage.errorMessage)) data/openarena-0.8.8+dfsg/code/q3_ui/ui_menu.c:242:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). UI_DrawString( 640 - (8 * strlen(PRODUCT_VERSION) + 1), 480-14, S_COLOR_WHITE PRODUCT_VERSION, UI_SMALLFONT, color ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_menu.c:264:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen( dirptr ) + 1; data/openarena-0.8.8+dfsg/code/q3_ui/ui_menu.c:269:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirptr += dirlen + strlen(descptr) + 1; data/openarena-0.8.8+dfsg/code/q3_ui/ui_menu.c:299:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(s_errorMessage.errorMessage)) data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c:42:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( edit->buffer ) + 1; data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c:99:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c:104:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(str); data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c:123:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pasteLen = strlen( pasteBuffer ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c:148:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( edit->buffer ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c:220:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( edit->buffer ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_mfield.c:315:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = (strlen( m->generic.name )+1) * w; data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:103:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s_mods.descriptionPtr += strlen( s_mods.descriptionPtr ) + 1; data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:104:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s_mods.fs_gamePtr += strlen( s_mods.fs_gamePtr ) + 1; data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:135:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen( filename ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:170:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen( dirptr ) + 1; data/openarena-0.8.8+dfsg/code/q3_ui/ui_mods.c:173:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirptr += dirlen + strlen(descptr) + 1; data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:334:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffptr = s_playermodel.modelnames[modelnum] + strlen("models/players/"); data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:350:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). maxlen = strlen(pdest+5)+1; data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:413:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(dirptr); data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:425:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filelen = strlen(fileptr); data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:481:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
buffptr = s_playermodel.modelnames[i] + strlen("models/players/"); data/openarena-0.8.8+dfsg/code/q3_ui/ui_playermodel.c:505:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). maxlen = strlen(pdest+5)+1; data/openarena-0.8.8+dfsg/code/q3_ui/ui_preferences.c:385:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s_preferences.crosshair.generic.left = PREFERENCES_X_POS - ( ( strlen(s_preferences.crosshair.generic.name) + 1 ) * SMALLCHAR_WIDTH ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_qmenu.c:397:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(a->generic.name); data/openarena-0.8.8+dfsg/code/q3_ui/ui_qmenu.c:463:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(rb->generic.name); data/openarena-0.8.8+dfsg/code/q3_ui/ui_qmenu.c:571:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s->generic.name); data/openarena-0.8.8+dfsg/code/q3_ui/ui_qmenu.c:786:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s->generic.name) * SMALLCHAR_WIDTH; data/openarena-0.8.8+dfsg/code/q3_ui/ui_qmenu.c:795:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
l = strlen(str); data/openarena-0.8.8+dfsg/code/q3_ui/ui_rankings.c:140:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen( f->field.buffer ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_rankings.c:164:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen( f->field.buffer ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_rankings.c:211:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen( f->field.buffer ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_servers2.c:1273:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(protocol)) { data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyleague.c:152:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(s_specifyleague.rankname.field.buffer)) != 0)) data/openarena-0.8.8+dfsg/code/q3_ui/ui_specifyserver.c:83:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buff+strlen(buff), 128, ":%s", s_specifyserver.port.field.buffer ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_sppostgame.c:488:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen( name ); data/openarena-0.8.8+dfsg/code/q3_ui/ui_startserver.c:1725:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s_serveroptions.botSkill.generic.x = 32 + (strlen(s_serveroptions.botSkill.generic.name) + 2 ) * SMALLCHAR_WIDTH; data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:211:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(s_driverinfo.strings[i]); data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:852:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf[strlen(buf)+1] = 0; data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:853:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf[strlen(buf)] = 'x'; data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:854:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trap_Cvar_VariableStringBuffer("r_customheight", buf+strlen(buf), sizeof(buf)-strlen(buf)); data/openarena-0.8.8+dfsg/code/q3_ui/ui_video.c:854:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). trap_Cvar_VariableStringBuffer("r_customheight", buf+strlen(buf), sizeof(buf)-strlen(buf)); data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_custom.c:108:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(text)<1) data/openarena-0.8.8+dfsg/code/q3_ui/ui_votemenu_kick.c:89:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(playerinfo) ) { data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:66:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(name)-1; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:90:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(out)-1; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:115:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). src = path + strlen(path) - 1; data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:750:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( dest, src, destsize-1 ); data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:843:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l1 = strlen( dest ); data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:864:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(find); data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1000:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int length = strlen( s ); data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1040:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) >= BIG_INFO_STRING ) { data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1131:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) >= MAX_INFO_STRING ) { data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1165:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(start, s, strlen(s) + 1); // remove this part data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1187:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) >= BIG_INFO_STRING ) { data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1263:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) >= MAX_INFO_STRING ) { data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1277:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!value || !strlen(value)) data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1282:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(newi) + strlen(s) >= MAX_INFO_STRING) data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1282:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(newi) + strlen(s) >= MAX_INFO_STRING) data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1303:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen( s ) >= BIG_INFO_STRING ) { data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1317:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!value || !strlen(value)) data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1322:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(newi) + strlen(s) >= BIG_INFO_STRING) data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1322:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(newi) + strlen(s) >= BIG_INFO_STRING) data/openarena-0.8.8+dfsg/code/qcommon/q_shared.c:1345:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for( i = 0; i < strlen( set ); i++ ) data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:237:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(BASEDIRNAME); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:238:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (c=path+strlen(path)-1 ; c != path ; c--) data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:256:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (qdir, path, c+len+count-path); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:258:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( i = 0; i < strlen( qdir ); i++ ) data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:269:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy (gamedir, path, c+1-path); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:271:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for ( i = 0; i < strlen( gamedir ); i++ ) data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:281:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if ( writedir[strlen( writedir )-1] != '/' ) data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:283:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
writedir[strlen( writedir )] = '/'; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:284:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). writedir[strlen( writedir )+1] = 0; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:357:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). b = malloc(strlen(s)+1); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:400:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (out, "\\"); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:403:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat (out, "/"); data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:814:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). src = path + strlen(path) - 1; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:843:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(path)-1; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:853:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
length = strlen(path)-1; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:876:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). src = path + strlen(path) - 1; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:892:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). src = path + strlen(path) - 1; data/openarena-0.8.8+dfsg/code/tools/asm/cmdlib.c:911:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). src = path + strlen(path) - 1; data/openarena-0.8.8+dfsg/code/tools/asm/q3asm.c:703:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(token, q, p - q); data/openarena-0.8.8+dfsg/code/ui/ui_atoms.c:193:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(gameFile); data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:93:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). infos[count] = UI_Alloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1); data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:93:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
infos[count] = UI_Alloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1); data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:93:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). infos[count] = UI_Alloc(strlen(info) + strlen("\\num\\") + strlen(va("%d", MAX_ARENAS)) + 1); data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:160:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(dirptr); data/openarena-0.8.8+dfsg/code/ui/ui_gameinfo.c:283:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(dirptr); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:302:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(text); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:337:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(text); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:383:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(text); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:452:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen(text); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:550:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(text); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2588:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(netSources[ui_netSource.integer])<1) data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2592:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(netSources[ui_netSource.integer])<1) data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2916:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen( dirptr ) + 1; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2920:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirptr += dirlen + strlen(descptr) + 1; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2945:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( teamName ); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:2972:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
len = strlen( moviename ); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3009:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen( demoname ); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3010:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!Q_stricmp(demoname + len - strlen(demoExt), demoExt)) { data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3011:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). demoname[len-strlen(demoExt)] = '\0'; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3326:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buff) == CDKEY_LEN) { data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3509:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > 0 && strlen(addr) > 0) { data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3509:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > 0 && strlen(addr) > 0) { data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3531:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(addr) > 0) { data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3544:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > 0 && strlen(addr) > 0) { data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3544:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) > 0 && strlen(addr) > 0) { data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3835:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(uiInfo.serverStatus.motd); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3838:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(uiInfo.serverStatus.motd); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:3982:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(serverStatusCvars[i].altName) ) { data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4068:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(&info->pings[len]) + 1; data/openarena-0.8.8+dfsg/code/ui/ui_main.c:4131:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (!strlen(uiInfo.findPlayerName)) { data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5061:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirlen = strlen(dirptr); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5073:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filelen = strlen(fileptr); data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5345:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf)) { data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5403:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf+strlen(buf), bufsize-strlen(buf), ".%02d GB", data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5403:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf+strlen(buf), bufsize-strlen(buf), ".%02d GB", data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5407:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Com_sprintf( buf+strlen(buf), bufsize-strlen(buf), ".%02d MB", data/openarena-0.8.8+dfsg/code/ui/ui_main.c:5407:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
Com_sprintf( buf+strlen(buf), bufsize-strlen(buf), ".%02d MB",
data/openarena-0.8.8+dfsg/code/ui/ui_main.c:6069:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ptr)) {
data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:187:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(p);
data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2039:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buff);
data/openarena-0.8.8+dfsg/code/ui/ui_shared.c:2939:3: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buff, start, p-start+1);

ANALYSIS SUMMARY:

Hits = 2026
Lines analyzed = 150613 in approximately 3.38 seconds (44622 lines/second)
Physical Source Lines of Code (SLOC) = 102276
Hits@level = [0] 13 [1] 294 [2] 1449 [3] 150 [4] 132 [5] 1
Hits@level+ = [0+] 2039 [1+] 2026 [2+] 1732 [3+] 283 [4+] 133 [5+] 1
Hits/KSLOC@level+ = [0+] 19.9363 [1+] 19.8091 [2+] 16.9346 [3+] 2.76702 [4+] 1.3004 [5+] 0.00977746
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.