Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/openttd-1.10.3/os/os2/svnver1.c
Examining data/openttd-1.10.3/os/os2/svnver2.c
Examining data/openttd-1.10.3/src/stringfilter_type.h
Examining data/openttd-1.10.3/src/void_cmd.cpp
Examining data/openttd-1.10.3/src/industry_map.h
Examining data/openttd-1.10.3/src/core/enum_type.hpp
Examining data/openttd-1.10.3/src/core/alloc_func.cpp
Examining data/openttd-1.10.3/src/core/pool_type.hpp
Examining data/openttd-1.10.3/src/core/random_func.cpp
Examining data/openttd-1.10.3/src/core/alloc_type.hpp
Examining data/openttd-1.10.3/src/core/endian_func.hpp
Examining data/openttd-1.10.3/src/core/smallvec_type.hpp
Examining data/openttd-1.10.3/src/core/random_func.hpp
Examining data/openttd-1.10.3/src/core/math_func.cpp
Examining data/openttd-1.10.3/src/core/multimap.hpp
Examining data/openttd-1.10.3/src/core/overflowsafe_type.hpp
Examining data/openttd-1.10.3/src/core/geometry_func.cpp
Examining data/openttd-1.10.3/src/core/bitmath_func.hpp
Examining data/openttd-1.10.3/src/core/pool_func.hpp
Examining data/openttd-1.10.3/src/core/alloc_func.hpp
Examining data/openttd-1.10.3/src/core/pool_func.cpp
Examining data/openttd-1.10.3/src/core/mem_func.hpp
Examining data/openttd-1.10.3/src/core/endian_type.hpp
Examining data/openttd-1.10.3/src/core/math_func.hpp
Examining data/openttd-1.10.3/src/core/kdtree.hpp
Examining data/openttd-1.10.3/src/core/smallmap_type.hpp
Examining data/openttd-1.10.3/src/core/backup_type.hpp
Examining data/openttd-1.10.3/src/core/string_compare_type.hpp
Examining data/openttd-1.10.3/src/core/smallmatrix_type.hpp
Examining data/openttd-1.10.3/src/core/geometry_type.hpp
Examining data/openttd-1.10.3/src/core/smallstack_type.hpp
Examining data/openttd-1.10.3/src/core/bitmath_func.cpp
Examining data/openttd-1.10.3/src/core/geometry_func.hpp
Examining data/openttd-1.10.3/src/group_gui.cpp
Examining data/openttd-1.10.3/src/build_vehicle_gui.cpp
Examining data/openttd-1.10.3/src/newgrf_text.cpp
Examining data/openttd-1.10.3/src/waypoint_base.h
Examining data/openttd-1.10.3/src/timetable_cmd.cpp
Examining data/openttd-1.10.3/src/driver.h
Examining data/openttd-1.10.3/src/story_type.h
Examining data/openttd-1.10.3/src/window.cpp
Examining data/openttd-1.10.3/src/industrytype.h
Examining data/openttd-1.10.3/src/screenshot_gui.h
Examining data/openttd-1.10.3/src/cargopacket.h
Examining data/openttd-1.10.3/src/gfx_type.h
Examining data/openttd-1.10.3/src/airport.cpp
Examining data/openttd-1.10.3/src/industry_gui.cpp
Examining data/openttd-1.10.3/src/viewport_sprite_sorter_sse4.cpp
Examining data/openttd-1.10.3/src/timetable.h
Examining data/openttd-1.10.3/src/train.h
Examining data/openttd-1.10.3/src/newgrf_profiling.cpp
Examining data/openttd-1.10.3/src/newgrf_town.cpp
Examining data/openttd-1.10.3/src/misc_gui.cpp
Examining data/openttd-1.10.3/src/depot_base.h
Examining data/openttd-1.10.3/src/date_type.h
Examining data/openttd-1.10.3/src/cargoaction.h
Examining data/openttd-1.10.3/src/newgrf_airporttiles.cpp
Examining data/openttd-1.10.3/src/widget_type.h
Examining data/openttd-1.10.3/src/signal_func.h
Examining data/openttd-1.10.3/src/newgrf_text.h
Examining data/openttd-1.10.3/src/tunnelbridge_cmd.cpp
Examining data/openttd-1.10.3/src/vehicle_gui.h
Examining data/openttd-1.10.3/src/bmp.cpp
Examining data/openttd-1.10.3/src/economy_type.h
Examining data/openttd-1.10.3/src/timetable_gui.cpp
Examining data/openttd-1.10.3/src/aircraft_gui.cpp
Examining data/openttd-1.10.3/src/heightmap.h
Examining data/openttd-1.10.3/src/graph_gui.h
Examining data/openttd-1.10.3/src/engine_func.h
Examining data/openttd-1.10.3/src/ship_cmd.cpp
Examining data/openttd-1.10.3/src/settings.cpp
Examining data/openttd-1.10.3/src/newgrf_cargo.cpp
Examining data/openttd-1.10.3/src/newgrf_class.h
Examining data/openttd-1.10.3/src/misc_cmd.cpp
Examining data/openttd-1.10.3/src/console.cpp
Examining data/openttd-1.10.3/src/map_type.h
Examining data/openttd-1.10.3/src/economy.cpp
Examining data/openttd-1.10.3/src/newgrf_generic.h
Examining data/openttd-1.10.3/src/newgrf_station.cpp
Examining data/openttd-1.10.3/src/fileio.cpp
Examining data/openttd-1.10.3/src/roadveh_cmd.cpp
Examining data/openttd-1.10.3/src/base_station_base.h
Examining data/openttd-1.10.3/src/terraform_cmd.cpp
Examining data/openttd-1.10.3/src/goal_gui.cpp
Examining data/openttd-1.10.3/src/slope_type.h
Examining data/openttd-1.10.3/src/effectvehicle_func.h
Examining data/openttd-1.10.3/src/graph_gui.cpp
Examining data/openttd-1.10.3/src/settings_internal.h
Examining data/openttd-1.10.3/src/waypoint_func.h
Examining data/openttd-1.10.3/src/string_base.h
Examining data/openttd-1.10.3/src/subsidy_gui.cpp
Examining data/openttd-1.10.3/src/newgrf_object.cpp
Examining data/openttd-1.10.3/src/debug.h
Examining data/openttd-1.10.3/src/clear_func.h
Examining data/openttd-1.10.3/src/company_gui.cpp
Examining data/openttd-1.10.3/src/vehicle.cpp
Examining data/openttd-1.10.3/src/bridge_map.h
Examining data/openttd-1.10.3/src/company_gui.h
Examining data/openttd-1.10.3/src/company_manager_face.h
Examining data/openttd-1.10.3/src/road_gui.h
Examining data/openttd-1.10.3/src/townname_type.h
Examining data/openttd-1.10.3/src/textfile_type.h
Examining data/openttd-1.10.3/src/sound_func.h
Examining data/openttd-1.10.3/src/newgrf_roadtype.h
Examining data/openttd-1.10.3/src/rail_type.h
Examining data/openttd-1.10.3/src/signs_func.h
Examining data/openttd-1.10.3/src/zoom_func.h
Examining data/openttd-1.10.3/src/gamelog.h
Examining data/openttd-1.10.3/src/newgrf_commons.h
Examining data/openttd-1.10.3/src/waypoint_gui.cpp
Examining data/openttd-1.10.3/src/heightmap.cpp
Examining data/openttd-1.10.3/src/object_gui.cpp
Examining data/openttd-1.10.3/src/intro_gui.cpp
Examining data/openttd-1.10.3/src/order_gui.cpp
Examining data/openttd-1.10.3/src/object_cmd.cpp
Examining data/openttd-1.10.3/src/console_type.h
Examining data/openttd-1.10.3/src/road_gui.cpp
Examining data/openttd-1.10.3/src/disaster_vehicle.h
Examining data/openttd-1.10.3/src/bridge_gui.cpp
Examining data/openttd-1.10.3/src/newgrf_object.h
Examining data/openttd-1.10.3/src/widgets/error_widget.h
Examining data/openttd-1.10.3/src/widgets/toolbar_widget.h
Examining data/openttd-1.10.3/src/widgets/main_widget.h
Examining data/openttd-1.10.3/src/widgets/cheat_widget.h
Examining data/openttd-1.10.3/src/widgets/order_widget.h
Examining data/openttd-1.10.3/src/widgets/goal_widget.h
Examining data/openttd-1.10.3/src/widgets/screenshot_widget.h
Examining data/openttd-1.10.3/src/widgets/industry_widget.h
Examining data/openttd-1.10.3/src/widgets/vehicle_widget.h
Examining data/openttd-1.10.3/src/widgets/dropdown_widget.h
Examining data/openttd-1.10.3/src/widgets/town_widget.h
Examining data/openttd-1.10.3/src/widgets/date_widget.h
Examining data/openttd-1.10.3/src/widgets/console_widget.h
Examining data/openttd-1.10.3/src/widgets/music_widget.h
Examining data/openttd-1.10.3/src/widgets/framerate_widget.h
Examining data/openttd-1.10.3/src/widgets/graph_widget.h
Examining data/openttd-1.10.3/src/widgets/engine_widget.h
Examining data/openttd-1.10.3/src/widgets/statusbar_widget.h
Examining data/openttd-1.10.3/src/widgets/newgrf_widget.h
Examining data/openttd-1.10.3/src/widgets/dropdown.cpp
Examining data/openttd-1.10.3/src/widgets/rail_widget.h
Examining data/openttd-1.10.3/src/widgets/terraform_widget.h
Examining data/openttd-1.10.3/src/widgets/depot_widget.h
Examining data/openttd-1.10.3/src/widgets/link_graph_legend_widget.h
Examining data/openttd-1.10.3/src/widgets/network_chat_widget.h
Examining data/openttd-1.10.3/src/widgets/bootstrap_widget.h
Examining data/openttd-1.10.3/src/widgets/ai_widget.h
Examining data/openttd-1.10.3/src/widgets/newgrf_debug_widget.h
Examining data/openttd-1.10.3/src/widgets/highscore_widget.h
Examining data/openttd-1.10.3/src/widgets/smallmap_widget.h
Examining data/openttd-1.10.3/src/widgets/intro_widget.h
Examining data/openttd-1.10.3/src/widgets/fios_widget.h
Examining data/openttd-1.10.3/src/widgets/network_widget.h
Examining data/openttd-1.10.3/src/widgets/viewport_widget.h
Examining data/openttd-1.10.3/src/widgets/story_widget.h
Examining data/openttd-1.10.3/src/widgets/group_widget.h
Examining data/openttd-1.10.3/src/widgets/autoreplace_widget.h
Examining data/openttd-1.10.3/src/widgets/road_widget.h
Examining data/openttd-1.10.3/src/widgets/misc_widget.h
Examining data/openttd-1.10.3/src/widgets/dropdown_func.h
Examining data/openttd-1.10.3/src/widgets/subsidy_widget.h
Examining data/openttd-1.10.3/src/widgets/network_content_widget.h
Examining data/openttd-1.10.3/src/widgets/bridge_widget.h
Examining data/openttd-1.10.3/src/widgets/settings_widget.h
Examining data/openttd-1.10.3/src/widgets/tree_widget.h
Examining data/openttd-1.10.3/src/widgets/dock_widget.h
Examining data/openttd-1.10.3/src/widgets/transparency_widget.h
Examining data/openttd-1.10.3/src/widgets/airport_widget.h
Examining data/openttd-1.10.3/src/widgets/dropdown_type.h
Examining data/openttd-1.10.3/src/widgets/object_widget.h
Examining data/openttd-1.10.3/src/widgets/osk_widget.h
Examining data/openttd-1.10.3/src/widgets/sign_widget.h
Examining data/openttd-1.10.3/src/widgets/build_vehicle_widget.h
Examining data/openttd-1.10.3/src/widgets/company_widget.h
Examining data/openttd-1.10.3/src/widgets/genworld_widget.h
Examining data/openttd-1.10.3/src/widgets/news_widget.h
Examining data/openttd-1.10.3/src/widgets/station_widget.h
Examining data/openttd-1.10.3/src/widgets/waypoint_widget.h
Examining data/openttd-1.10.3/src/widgets/timetable_widget.h
Examining data/openttd-1.10.3/src/cargotype.cpp
Examining data/openttd-1.10.3/src/object_map.h
Examining data/openttd-1.10.3/src/widget.cpp
Examining data/openttd-1.10.3/src/fontdetection.cpp
Examining data/openttd-1.10.3/src/tile_cmd.h
Examining data/openttd-1.10.3/src/statusbar_gui.h
Examining data/openttd-1.10.3/src/transport_type.h
Examining data/openttd-1.10.3/src/fios.h
Examining data/openttd-1.10.3/src/tilehighlight_type.h
Examining data/openttd-1.10.3/src/gfxinit.cpp
Examining data/openttd-1.10.3/src/cargomonitor.cpp
Examining data/openttd-1.10.3/src/strings_func.h
Examining data/openttd-1.10.3/src/road_map.cpp
Examining data/openttd-1.10.3/src/order_base.h
Examining data/openttd-1.10.3/src/fontcache.h
Examining data/openttd-1.10.3/src/ini_type.h
Examining data/openttd-1.10.3/src/goal_type.h
Examining data/openttd-1.10.3/src/newgrf_config.h
Examining data/openttd-1.10.3/src/settings_func.h
Examining data/openttd-1.10.3/src/rail.h
Examining data/openttd-1.10.3/src/settingsgen/settingsgen.cpp
Examining data/openttd-1.10.3/src/vehiclelist.h
Examining data/openttd-1.10.3/src/language.h
Examining data/openttd-1.10.3/src/livery.h
Examining data/openttd-1.10.3/src/water_cmd.cpp
Examining data/openttd-1.10.3/src/house_type.h
Examining data/openttd-1.10.3/src/town_kdtree.h
Examining data/openttd-1.10.3/src/clear_cmd.cpp
Examining data/openttd-1.10.3/src/viewport_func.h
Examining data/openttd-1.10.3/src/stringfilter.cpp
Examining data/openttd-1.10.3/src/guitimer_func.h
Examining data/openttd-1.10.3/src/base_media_func.h
Examining data/openttd-1.10.3/src/void_map.h
Examining data/openttd-1.10.3/src/rail.cpp
Examining data/openttd-1.10.3/src/strgen/strgen.cpp
Examining data/openttd-1.10.3/src/strgen/strgen_base.cpp
Examining data/openttd-1.10.3/src/strgen/strgen.h
Examining data/openttd-1.10.3/src/vehicle_func.h
Examining data/openttd-1.10.3/src/fios.cpp
Examining data/openttd-1.10.3/src/network/core/tcp_content.cpp
Examining data/openttd-1.10.3/src/network/core/tcp_admin.h
Examining data/openttd-1.10.3/src/network/core/tcp.h
Examining data/openttd-1.10.3/src/network/core/core.h
Examining data/openttd-1.10.3/src/network/core/tcp_admin.cpp
Examining data/openttd-1.10.3/src/network/core/tcp_game.cpp
Examining data/openttd-1.10.3/src/network/core/tcp_game.h
Examining data/openttd-1.10.3/src/network/core/tcp.cpp
Examining data/openttd-1.10.3/src/network/core/tcp_content.h
Examining data/openttd-1.10.3/src/network/core/tcp_listen.h
Examining data/openttd-1.10.3/src/network/core/address.h
Examining data/openttd-1.10.3/src/network/core/tcp_connect.cpp
Examining data/openttd-1.10.3/src/network/core/config.h
Examining data/openttd-1.10.3/src/network/core/host.cpp
Examining data/openttd-1.10.3/src/network/core/host.h
Examining data/openttd-1.10.3/src/network/core/address.cpp
Examining data/openttd-1.10.3/src/network/core/packet.cpp
Examining data/openttd-1.10.3/src/network/core/packet.h
Examining data/openttd-1.10.3/src/network/core/game.h
Examining data/openttd-1.10.3/src/network/core/tcp_http.cpp
Examining data/openttd-1.10.3/src/network/core/core.cpp
Examining data/openttd-1.10.3/src/network/core/udp.cpp
Examining data/openttd-1.10.3/src/network/core/os_abstraction.h
Examining data/openttd-1.10.3/src/network/core/tcp_http.h
Examining data/openttd-1.10.3/src/network/core/udp.h
Examining data/openttd-1.10.3/src/network/network_admin.cpp
Examining data/openttd-1.10.3/src/network/network_client.cpp
Examining data/openttd-1.10.3/src/network/network_func.h
Examining data/openttd-1.10.3/src/network/network_internal.h
Examining data/openttd-1.10.3/src/network/network_gamelist.cpp
Examining data/openttd-1.10.3/src/network/network_content.h
Examining data/openttd-1.10.3/src/network/network_command.cpp
Examining data/openttd-1.10.3/src/network/network.h
Examining data/openttd-1.10.3/src/network/network_content_gui.cpp
Examining data/openttd-1.10.3/src/network/network_udp.cpp
Examining data/openttd-1.10.3/src/network/network_server.cpp
Examining data/openttd-1.10.3/src/network/network_udp.h
Examining data/openttd-1.10.3/src/network/network_gui.cpp
Examining data/openttd-1.10.3/src/network/network_content.cpp
Examining data/openttd-1.10.3/src/network/network_type.h
Examining data/openttd-1.10.3/src/network/network_client.h
Examining data/openttd-1.10.3/src/network/network_content_gui.h
Examining data/openttd-1.10.3/src/network/network_base.h
Examining data/openttd-1.10.3/src/network/network_gamelist.h
Examining data/openttd-1.10.3/src/network/network_chat_gui.cpp
Examining data/openttd-1.10.3/src/network/network.cpp
Examining data/openttd-1.10.3/src/network/network_gui.h
Examining data/openttd-1.10.3/src/network/network_server.h
Examining data/openttd-1.10.3/src/network/network_admin.h
Examining data/openttd-1.10.3/src/subsidy_type.h
Examining data/openttd-1.10.3/src/newgrf_animation_base.h
Examining data/openttd-1.10.3/src/signs.cpp
Examining data/openttd-1.10.3/src/autoreplace_func.h
Examining data/openttd-1.10.3/src/townname.cpp
Examining data/openttd-1.10.3/src/highscore_gui.cpp
Examining data/openttd-1.10.3/src/elrail.cpp
Examining data/openttd-1.10.3/src/station_map.h
Examining data/openttd-1.10.3/src/gfx_layout.cpp
Examining data/openttd-1.10.3/src/stdafx.h
Examining data/openttd-1.10.3/src/cmd_helper.h
Examining data/openttd-1.10.3/src/newgrf_config.cpp
Examining data/openttd-1.10.3/src/currency.h
Examining data/openttd-1.10.3/src/transparency.h
Examining data/openttd-1.10.3/src/newgrf_profiling.h
Examining data/openttd-1.10.3/src/bmp.h
Examining data/openttd-1.10.3/src/order_func.h
Examining data/openttd-1.10.3/src/airport_gui.cpp
Examining data/openttd-1.10.3/src/newgrf_airporttiles.h
Examining data/openttd-1.10.3/src/slope_func.h
Examining data/openttd-1.10.3/src/newgrf_properties.h
Examining data/openttd-1.10.3/src/game/game_instance.cpp
Examining data/openttd-1.10.3/src/game/game_scanner.cpp
Examining data/openttd-1.10.3/src/game/game.hpp
Examining data/openttd-1.10.3/src/game/game_config.cpp
Examining data/openttd-1.10.3/src/game/game_text.cpp
Examining data/openttd-1.10.3/src/game/game_scanner.hpp
Examining data/openttd-1.10.3/src/game/game_info.cpp
Examining data/openttd-1.10.3/src/game/game_instance.hpp
Examining data/openttd-1.10.3/src/game/game_text.hpp
Examining data/openttd-1.10.3/src/game/game_core.cpp
Examining data/openttd-1.10.3/src/game/game_info.hpp
Examining data/openttd-1.10.3/src/game/game_config.hpp
Examining data/openttd-1.10.3/src/station_cmd.cpp
Examining data/openttd-1.10.3/src/depot_func.h
Examining data/openttd-1.10.3/src/highscore.cpp
Examining data/openttd-1.10.3/src/fios_gui.cpp
Examining data/openttd-1.10.3/src/animated_tile.cpp
Examining data/openttd-1.10.3/src/dedicated.cpp
Examining data/openttd-1.10.3/src/string.cpp
Examining data/openttd-1.10.3/src/signal_type.h
Examining data/openttd-1.10.3/src/elrail_func.h
Examining data/openttd-1.10.3/src/blitter/8bpp_simple.hpp
Examining data/openttd-1.10.3/src/blitter/8bpp_base.hpp
Examining data/openttd-1.10.3/src/blitter/32bpp_base.hpp
Examining data/openttd-1.10.3/src/blitter/32bpp_sse4.cpp
Examining data/openttd-1.10.3/src/blitter/8bpp_optimized.hpp
Examining data/openttd-1.10.3/src/blitter/factory.hpp
Examining data/openttd-1.10.3/src/blitter/32bpp_base.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_anim.hpp
Examining data/openttd-1.10.3/src/blitter/32bpp_sse_type.h
Examining data/openttd-1.10.3/src/blitter/8bpp_base.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_anim_sse2.hpp
Examining data/openttd-1.10.3/src/blitter/32bpp_anim.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_optimized.hpp
Examining data/openttd-1.10.3/src/blitter/null.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_simple.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_anim_sse4.hpp
Examining data/openttd-1.10.3/src/blitter/base.hpp
Examining data/openttd-1.10.3/src/blitter/8bpp_optimized.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_ssse3.hpp
Examining data/openttd-1.10.3/src/blitter/32bpp_sse_func.hpp
Examining data/openttd-1.10.3/src/blitter/32bpp_sse2.hpp
Examining data/openttd-1.10.3/src/blitter/8bpp_simple.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_anim_sse2.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_optimized.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_anim_sse4.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_simple.hpp
Examining data/openttd-1.10.3/src/blitter/32bpp_sse4.hpp
Examining data/openttd-1.10.3/src/blitter/common.hpp
Examining data/openttd-1.10.3/src/blitter/null.hpp
Examining data/openttd-1.10.3/src/blitter/32bpp_ssse3.cpp
Examining data/openttd-1.10.3/src/blitter/32bpp_sse2.cpp
Examining data/openttd-1.10.3/src/hotkeys.cpp
Examining data/openttd-1.10.3/src/newgrf_spritegroup.cpp
Examining data/openttd-1.10.3/src/progress.h
Examining data/openttd-1.10.3/src/sortlist_type.h
Examining data/openttd-1.10.3/src/music.cpp
Examining data/openttd-1.10.3/src/town_type.h
Examining data/openttd-1.10.3/src/group_cmd.cpp
Examining data/openttd-1.10.3/src/screenshot_gui.cpp
Examining data/openttd-1.10.3/src/water_map.h
Examining data/openttd-1.10.3/src/newgrf_storage.cpp
Examining data/openttd-1.10.3/src/depot.cpp
Examining data/openttd-1.10.3/src/fontdetection.h
Examining data/openttd-1.10.3/src/tilehighlight_func.h
Examining data/openttd-1.10.3/src/window_func.h
Examining data/openttd-1.10.3/src/engine_gui.h
Examining data/openttd-1.10.3/src/toolbar_gui.cpp
Examining data/openttd-1.10.3/src/depot_gui.cpp
Examining data/openttd-1.10.3/src/station_type.h
Examining data/openttd-1.10.3/src/smallmap_gui.h
Examining data/openttd-1.10.3/src/ini.cpp
Examining data/openttd-1.10.3/src/cargomonitor.h
Examining data/openttd-1.10.3/src/newgrf_spritegroup.h
Examining data/openttd-1.10.3/src/base_media_base.h
Examining data/openttd-1.10.3/src/tgp.cpp
Examining data/openttd-1.10.3/src/industry_cmd.cpp
Examining data/openttd-1.10.3/src/pbs.cpp
Examining data/openttd-1.10.3/src/waypoint.cpp
Examining data/openttd-1.10.3/src/console_func.h
Examining data/openttd-1.10.3/src/track_type.h
Examining data/openttd-1.10.3/src/landscape.h
Examining data/openttd-1.10.3/src/newgrf_industrytiles.h
Examining data/openttd-1.10.3/src/command_func.h
Examining data/openttd-1.10.3/src/crashlog.h
Examining data/openttd-1.10.3/src/tunnelbridge.h
Examining data/openttd-1.10.3/src/company_cmd.cpp
Examining data/openttd-1.10.3/src/command.cpp
Examining data/openttd-1.10.3/src/newgrf_engine.h
Examining data/openttd-1.10.3/src/sound_type.h
Examining data/openttd-1.10.3/src/strings_type.h
Examining data/openttd-1.10.3/src/spritecache.h
Examining data/openttd-1.10.3/src/newgrf_roadtype.cpp
Examining data/openttd-1.10.3/src/os/unix/unix.cpp
Examining data/openttd-1.10.3/src/os/unix/crashlog_unix.cpp
Examining data/openttd-1.10.3/src/os/windows/string_uniscribe.cpp
Examining data/openttd-1.10.3/src/os/windows/crashlog_win.cpp
Examining data/openttd-1.10.3/src/os/windows/win32.cpp
Examining data/openttd-1.10.3/src/os/windows/string_uniscribe.h
Examining data/openttd-1.10.3/src/os/windows/win32.h
Examining data/openttd-1.10.3/src/os/macosx/macos.h
Examining data/openttd-1.10.3/src/os/macosx/crashlog_osx.cpp
Examining data/openttd-1.10.3/src/os/macosx/splash.cpp
Examining data/openttd-1.10.3/src/os/macosx/string_osx.cpp
Examining data/openttd-1.10.3/src/os/macosx/G5_detector.cpp
Examining data/openttd-1.10.3/src/os/macosx/string_osx.h
Examining data/openttd-1.10.3/src/os/macosx/osx_stdafx.h
Examining data/openttd-1.10.3/src/os/macosx/splash.h
Examining data/openttd-1.10.3/src/os/os2/os2.cpp
Examining data/openttd-1.10.3/src/aircraft.h
Examining data/openttd-1.10.3/src/viewport_gui.cpp
Examining data/openttd-1.10.3/src/newgrf_gui.cpp
Examining data/openttd-1.10.3/src/base_consist.cpp
Examining data/openttd-1.10.3/src/subsidy_base.h
Examining data/openttd-1.10.3/src/subsidy_func.h
Examining data/openttd-1.10.3/src/road.cpp
Examining data/openttd-1.10.3/src/cargoaction.cpp
Examining data/openttd-1.10.3/src/newgrf_airport.cpp
Examining data/openttd-1.10.3/src/depot_map.h
Examining data/openttd-1.10.3/src/framerate_gui.cpp
Examining data/openttd-1.10.3/src/querystring_gui.h
Examining data/openttd-1.10.3/src/texteff.hpp
Examining data/openttd-1.10.3/src/town_map.h
Examining data/openttd-1.10.3/src/road_type.h
Examining data/openttd-1.10.3/src/news_gui.cpp
Examining data/openttd-1.10.3/src/smallmap_gui.cpp
Examining data/openttd-1.10.3/src/station.cpp
Examining data/openttd-1.10.3/src/saveload/oldloader.h
Examining data/openttd-1.10.3/src/saveload/town_sl.cpp
Examining data/openttd-1.10.3/src/saveload/afterload.cpp
Examining data/openttd-1.10.3/src/saveload/depot_sl.cpp
Examining data/openttd-1.10.3/src/saveload/storage_sl.cpp
Examining data/openttd-1.10.3/src/saveload/linkgraph_sl.cpp
Examining data/openttd-1.10.3/src/saveload/signs_sl.cpp
Examining data/openttd-1.10.3/src/saveload/cheat_sl.cpp
Examining data/openttd-1.10.3/src/saveload/labelmaps_sl.cpp
Examining data/openttd-1.10.3/src/saveload/oldloader_sl.cpp
Examining data/openttd-1.10.3/src/saveload/company_sl.cpp
Examining data/openttd-1.10.3/src/saveload/order_sl.cpp
Examining data/openttd-1.10.3/src/saveload/ai_sl.cpp
Examining data/openttd-1.10.3/src/saveload/saveload.cpp
Examining data/openttd-1.10.3/src/saveload/animated_tile_sl.cpp
Examining data/openttd-1.10.3/src/saveload/vehicle_sl.cpp
Examining data/openttd-1.10.3/src/saveload/cargomonitor_sl.cpp
Examining data/openttd-1.10.3/src/saveload/saveload.h
Examining data/openttd-1.10.3/src/saveload/saveload_internal.h
Examining data/openttd-1.10.3/src/saveload/game_sl.cpp
Examining data/openttd-1.10.3/src/saveload/economy_sl.cpp
Examining data/openttd-1.10.3/src/saveload/station_sl.cpp
Examining data/openttd-1.10.3/src/saveload/goal_sl.cpp
Examining data/openttd-1.10.3/src/saveload/saveload_filter.h
Examining data/openttd-1.10.3/src/saveload/cargopacket_sl.cpp
Examining data/openttd-1.10.3/src/saveload/group_sl.cpp
Examining data/openttd-1.10.3/src/saveload/engine_sl.cpp
Examining data/openttd-1.10.3/src/saveload/object_sl.cpp
Examining data/openttd-1.10.3/src/saveload/airport_sl.cpp
Examining data/openttd-1.10.3/src/saveload/newgrf_sl.cpp
Examining data/openttd-1.10.3/src/saveload/oldloader.cpp
Examining data/openttd-1.10.3/src/saveload/story_sl.cpp
Examining data/openttd-1.10.3/src/saveload/strings_sl.cpp
Examining data/openttd-1.10.3/src/saveload/misc_sl.cpp
Examining data/openttd-1.10.3/src/saveload/gamelog_sl.cpp
Examining data/openttd-1.10.3/src/saveload/newgrf_sl.h
Examining data/openttd-1.10.3/src/saveload/autoreplace_sl.cpp
Examining data/openttd-1.10.3/src/saveload/map_sl.cpp
Examining data/openttd-1.10.3/src/saveload/subsidy_sl.cpp
Examining data/openttd-1.10.3/src/saveload/waypoint_sl.cpp
Examining data/openttd-1.10.3/src/saveload/industry_sl.cpp
Examining data/openttd-1.10.3/src/textbuf_type.h
Examining data/openttd-1.10.3/src/station_gui.cpp
Examining data/openttd-1.10.3/src/window_gui.h
Examining data/openttd-1.10.3/src/signs_cmd.cpp
Examining data/openttd-1.10.3/src/newgrf_town.h
Examining data/openttd-1.10.3/src/ground_vehicle.cpp
Examining data/openttd-1.10.3/src/disaster_vehicle.cpp
Examining data/openttd-1.10.3/src/error_gui.cpp
Examining data/openttd-1.10.3/src/roadveh.h
Examining data/openttd-1.10.3/src/industry.h
Examining data/openttd-1.10.3/src/pathfinder/pf_performance_timer.hpp
Examining data/openttd-1.10.3/src/pathfinder/follow_track.hpp
Examining data/openttd-1.10.3/src/pathfinder/npf/npf_func.h
Examining data/openttd-1.10.3/src/pathfinder/npf/aystar.cpp
Examining data/openttd-1.10.3/src/pathfinder/npf/aystar.h
Examining data/openttd-1.10.3/src/pathfinder/npf/queue.h
Examining data/openttd-1.10.3/src/pathfinder/npf/npf.cpp
Examining data/openttd-1.10.3/src/pathfinder/npf/queue.cpp
Examining data/openttd-1.10.3/src/pathfinder/pathfinder_type.h
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_node_road.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_base.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_costcache.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_costrail.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_type.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_node.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_costbase.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/nodelist.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_common.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_node_rail.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_ship.cpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_road.cpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_rail.cpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf.h
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_cache.h
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_node_ship.hpp
Examining data/openttd-1.10.3/src/pathfinder/yapf/yapf_destrail.hpp
Examining data/openttd-1.10.3/src/pathfinder/pathfinder_func.h
Examining data/openttd-1.10.3/src/newgrf_sound.cpp
Examining data/openttd-1.10.3/src/newgrf_station.h
Examining data/openttd-1.10.3/src/viewport_kdtree.h
Examining data/openttd-1.10.3/src/cpu.h
Examining data/openttd-1.10.3/src/vehicle_gui_base.h
Examining data/openttd-1.10.3/src/tile_map.h
Examining data/openttd-1.10.3/src/openttd.cpp
Examining data/openttd-1.10.3/src/ground_vehicle.hpp
Examining data/openttd-1.10.3/src/newgrf_class_func.h
Examining data/openttd-1.10.3/src/signs_base.h
Examining data/openttd-1.10.3/src/misc.cpp
Examining data/openttd-1.10.3/src/articulated_vehicles.cpp
Examining data/openttd-1.10.3/src/gamelog.cpp
Examining data/openttd-1.10.3/src/signs_type.h
Examining data/openttd-1.10.3/src/engine_base.h
Examining data/openttd-1.10.3/src/sprite.h
Examining data/openttd-1.10.3/src/rail_cmd.cpp
Examining data/openttd-1.10.3/src/window_type.h
Examining data/openttd-1.10.3/src/autoreplace_base.h
Examining data/openttd-1.10.3/src/error.h
Examining data/openttd-1.10.3/src/music_gui.cpp
Examining data/openttd-1.10.3/src/video/win32_v.cpp
Examining data/openttd-1.10.3/src/video/sdl2_v.cpp
Examining data/openttd-1.10.3/src/video/sdl_v.h
Examining data/openttd-1.10.3/src/video/null_v.h
Examining data/openttd-1.10.3/src/video/sdl_v.cpp
Examining data/openttd-1.10.3/src/video/sdl2_v.h
Examining data/openttd-1.10.3/src/video/win32_v.h
Examining data/openttd-1.10.3/src/video/cocoa/cocoa_v.h
Examining data/openttd-1.10.3/src/video/cocoa/cocoa_keys.h
Examining data/openttd-1.10.3/src/video/dedicated_v.h
Examining data/openttd-1.10.3/src/video/dedicated_v.cpp
Examining data/openttd-1.10.3/src/video/video_driver.hpp
Examining data/openttd-1.10.3/src/video/allegro_v.h
Examining data/openttd-1.10.3/src/video/null_v.cpp
Examining data/openttd-1.10.3/src/video/allegro_v.cpp
Examining data/openttd-1.10.3/src/sound.cpp
Examining data/openttd-1.10.3/src/autoreplace_gui.h
Examining data/openttd-1.10.3/src/signs_gui.cpp
Examining data/openttd-1.10.3/src/misc/dbg_helpers.h
Examining data/openttd-1.10.3/src/misc/getoptdata.h
Examining data/openttd-1.10.3/src/misc/array.hpp
Examining data/openttd-1.10.3/src/misc/binaryheap.hpp
Examining data/openttd-1.10.3/src/misc/blob.hpp
Examining data/openttd-1.10.3/src/misc/str.hpp
Examining data/openttd-1.10.3/src/misc/hashtable.hpp
Examining data/openttd-1.10.3/src/misc/countedptr.hpp
Examining data/openttd-1.10.3/src/misc/getoptdata.cpp
Examining data/openttd-1.10.3/src/misc/dbg_helpers.cpp
Examining data/openttd-1.10.3/src/misc/fixedsizearray.hpp
Examining data/openttd-1.10.3/src/misc/countedobj.cpp
Examining data/openttd-1.10.3/src/landscape_type.h
Examining data/openttd-1.10.3/src/osk_gui.cpp
Examining data/openttd-1.10.3/src/tilearea.cpp
Examining data/openttd-1.10.3/src/gui.h
Examining data/openttd-1.10.3/src/airport.h
Examining data/openttd-1.10.3/src/base_consist.h
Examining data/openttd-1.10.3/src/order_cmd.cpp
Examining data/openttd-1.10.3/src/newgrf.cpp
Examining data/openttd-1.10.3/src/tree_gui.cpp
Examining data/openttd-1.10.3/src/newgrf_canal.cpp
Examining data/openttd-1.10.3/src/bootstrap_gui.cpp
Examining data/openttd-1.10.3/src/screenshot.cpp
Examining data/openttd-1.10.3/src/mixer.h
Examining data/openttd-1.10.3/src/genworld.h
Examining data/openttd-1.10.3/src/direction_func.h
Examining data/openttd-1.10.3/src/newgrf_townname.h
Examining data/openttd-1.10.3/src/genworld.cpp
Examining data/openttd-1.10.3/src/cheat_func.h
Examining data/openttd-1.10.3/src/viewport_sprite_sorter.h
Examining data/openttd-1.10.3/src/engine.cpp
Examining data/openttd-1.10.3/src/industry_type.h
Examining data/openttd-1.10.3/src/bitmap_type.h
Examining data/openttd-1.10.3/src/date_gui.cpp
Examining data/openttd-1.10.3/src/landscape.cpp
Examining data/openttd-1.10.3/src/object.h
Examining data/openttd-1.10.3/src/gfx_layout.h
Examining data/openttd-1.10.3/src/newgrf_engine.cpp
Examining data/openttd-1.10.3/src/driver.cpp
Examining data/openttd-1.10.3/src/dock_gui.cpp
Examining data/openttd-1.10.3/src/tile_type.h
Examining data/openttd-1.10.3/src/tile_map.cpp
Examining data/openttd-1.10.3/src/settings_type.h
Examining data/openttd-1.10.3/src/newgrf_sound.h
Examining data/openttd-1.10.3/src/group_type.h
Examining data/openttd-1.10.3/src/console_gui.h
Examining data/openttd-1.10.3/src/road_cmd.cpp
Examining data/openttd-1.10.3/src/autoreplace_cmd.cpp
Examining data/openttd-1.10.3/src/rail_map.h
Examining data/openttd-1.10.3/src/vehicle_type.h
Examining data/openttd-1.10.3/src/company_type.h
Examining data/openttd-1.10.3/src/date_func.h
Examining data/openttd-1.10.3/src/road_map.h
Examining data/openttd-1.10.3/src/station_kdtree.h
Examining data/openttd-1.10.3/src/transparency_gui.h
Examining data/openttd-1.10.3/src/genworld_gui.cpp
Examining data/openttd-1.10.3/src/script/script_config.hpp
Examining data/openttd-1.10.3/src/script/script_info.cpp
Examining data/openttd-1.10.3/src/script/squirrel_helper_type.hpp
Examining data/openttd-1.10.3/src/script/script_scanner.cpp
Examining data/openttd-1.10.3/src/script/api/ai_changelog.hpp
Examining data/openttd-1.10.3/src/script/api/script_bridgelist.cpp
Examining data/openttd-1.10.3/src/script/api/script_engine.cpp
Examining data/openttd-1.10.3/src/script/api/script_airport.cpp
Examining data/openttd-1.10.3/src/script/api/script_grouplist.hpp
Examining data/openttd-1.10.3/src/script/api/script_waypoint.cpp
Examining data/openttd-1.10.3/src/script/api/script_vehiclelist.hpp
Examining data/openttd-1.10.3/src/script/api/script_station.cpp
Examining data/openttd-1.10.3/src/script/api/script_accounting.cpp
Examining data/openttd-1.10.3/src/script/api/script_company.hpp
Examining data/openttd-1.10.3/src/script/api/script_signlist.hpp
Examining data/openttd-1.10.3/src/script/api/script_storypageelementlist.cpp
Examining data/openttd-1.10.3/src/script/api/script_news.hpp
Examining data/openttd-1.10.3/src/script/api/script_testmode.hpp
Examining data/openttd-1.10.3/src/script/api/script_bridge.hpp
Examining data/openttd-1.10.3/src/script/api/script_text.hpp
Examining data/openttd-1.10.3/src/script/api/script_subsidy.cpp
Examining data/openttd-1.10.3/src/script/api/script_rail.cpp
Examining data/openttd-1.10.3/src/script/api/script_industrylist.hpp
Examining data/openttd-1.10.3/src/script/api/script_marine.hpp
Examining data/openttd-1.10.3/src/script/api/script_industrytype.hpp
Examining data/openttd-1.10.3/src/script/api/script_error.hpp
Examining data/openttd-1.10.3/src/script/api/script_event_types.hpp
Examining data/openttd-1.10.3/src/script/api/script_admin.cpp
Examining data/openttd-1.10.3/src/script/api/script_execmode.cpp
Examining data/openttd-1.10.3/src/script/api/script_cargolist.hpp
Examining data/openttd-1.10.3/src/script/api/script_enginelist.cpp
Examining data/openttd-1.10.3/src/script/api/script_clientlist.cpp
Examining data/openttd-1.10.3/src/script/api/script_station.hpp
Examining data/openttd-1.10.3/src/script/api/script_roadtypelist.hpp
Examining data/openttd-1.10.3/src/script/api/script_tunnel.cpp
Examining data/openttd-1.10.3/src/script/api/script_log.cpp
Examining data/openttd-1.10.3/src/script/api/script_execmode.hpp
Examining data/openttd-1.10.3/src/script/api/script_date.cpp
Examining data/openttd-1.10.3/src/script/api/script_industry.hpp
Examining data/openttd-1.10.3/src/script/api/script_gamesettings.hpp
Examining data/openttd-1.10.3/src/script/api/script_object.hpp
Examining data/openttd-1.10.3/src/script/api/script_clientlist.hpp
Examining data/openttd-1.10.3/src/script/api/script_airport.hpp
Examining data/openttd-1.10.3/src/script/api/script_roadtypelist.cpp
Examining data/openttd-1.10.3/src/script/api/script_group.hpp
Examining data/openttd-1.10.3/src/script/api/script_companymode.hpp
Examining data/openttd-1.10.3/src/script/api/script_sign.cpp
Examining data/openttd-1.10.3/src/script/api/script_town.cpp
Examining data/openttd-1.10.3/src/script/api/script_grouplist.cpp
Examining data/openttd-1.10.3/src/script/api/script_road.cpp
Examining data/openttd-1.10.3/src/script/api/script_error.cpp
Examining data/openttd-1.10.3/src/script/api/script_tile.cpp
Examining data/openttd-1.10.3/src/script/api/script_tunnel.hpp
Examining data/openttd-1.10.3/src/script/api/script_engine.hpp
Examining data/openttd-1.10.3/src/script/api/script_vehicle.cpp
Examining data/openttd-1.10.3/src/script/api/script_types.hpp
Examining data/openttd-1.10.3/src/script/api/script_order.hpp
Examining data/openttd-1.10.3/src/script/api/script_window.hpp
Examining data/openttd-1.10.3/src/script/api/script_client.hpp
Examining data/openttd-1.10.3/src/script/api/script_townlist.cpp
Examining data/openttd-1.10.3/src/script/api/script_companymode.cpp
Examining data/openttd-1.10.3/src/script/api/script_viewport.hpp
Examining data/openttd-1.10.3/src/script/api/script_marine.cpp
Examining data/openttd-1.10.3/src/script/api/script_basestation.cpp
Examining data/openttd-1.10.3/src/script/api/script_viewport.cpp
Examining data/openttd-1.10.3/src/script/api/script_bridgelist.hpp
Examining data/openttd-1.10.3/src/script/api/script_event.hpp
Examining data/openttd-1.10.3/src/script/api/script_vehicle.hpp
Examining data/openttd-1.10.3/src/script/api/script_controller.hpp
Examining data/openttd-1.10.3/src/script/api/script_infrastructure.hpp
Examining data/openttd-1.10.3/src/script/api/script_event.cpp
Examining data/openttd-1.10.3/src/script/api/script_goal.hpp
Examining data/openttd-1.10.3/src/script/api/script_waypointlist.hpp
Examining data/openttd-1.10.3/src/script/api/script_cargomonitor.cpp
Examining data/openttd-1.10.3/src/script/api/script_industrytype.cpp
Examining data/openttd-1.10.3/src/script/api/script_date.hpp
Examining data/openttd-1.10.3/src/script/api/script_townlist.hpp
Examining data/openttd-1.10.3/src/script/api/script_cargo.cpp
Examining data/openttd-1.10.3/src/script/api/script_sign.hpp
Examining data/openttd-1.10.3/src/script/api/script_town.hpp
Examining data/openttd-1.10.3/src/script/api/script_waypoint.hpp
Examining data/openttd-1.10.3/src/script/api/script_tilelist.cpp
Examining data/openttd-1.10.3/src/script/api/script_road.hpp
Examining data/openttd-1.10.3/src/script/api/script_event_types.cpp
Examining data/openttd-1.10.3/src/script/api/script_list.cpp
Examining data/openttd-1.10.3/src/script/api/script_industry.cpp
Examining data/openttd-1.10.3/src/script/api/script_log.hpp
Examining data/openttd-1.10.3/src/script/api/script_signlist.cpp
Examining data/openttd-1.10.3/src/script/api/script_railtypelist.cpp
Examining data/openttd-1.10.3/src/script/api/script_subsidy.hpp
Examining data/openttd-1.10.3/src/script/api/script_window.cpp
Examining data/openttd-1.10.3/src/script/api/script_basestation.hpp
Examining data/openttd-1.10.3/src/script/api/script_order.cpp
Examining data/openttd-1.10.3/src/script/api/script_bridge.cpp
Examining data/openttd-1.10.3/src/script/api/script_gamesettings.cpp
Examining data/openttd-1.10.3/src/script/api/script_railtypelist.hpp
Examining data/openttd-1.10.3/src/script/api/script_base.cpp
Examining data/openttd-1.10.3/src/script/api/script_industrylist.cpp
Examining data/openttd-1.10.3/src/script/api/script_storypageelementlist.hpp
Examining data/openttd-1.10.3/src/script/api/script_story_page.cpp
Examining data/openttd-1.10.3/src/script/api/script_rail.hpp
Examining data/openttd-1.10.3/src/script/api/script_controller.cpp
Examining data/openttd-1.10.3/src/script/api/script_group.cpp
Examining data/openttd-1.10.3/src/script/api/script_depotlist.cpp
Examining data/openttd-1.10.3/src/script/api/script_cargolist.cpp
Examining data/openttd-1.10.3/src/script/api/script_stationlist.cpp
Examining data/openttd-1.10.3/src/script/api/script_cargo.hpp
Examining data/openttd-1.10.3/src/script/api/script_base.hpp
Examining data/openttd-1.10.3/src/script/api/script_enginelist.hpp
Examining data/openttd-1.10.3/src/script/api/script_tile.hpp
Examining data/openttd-1.10.3/src/script/api/script_cargomonitor.hpp
Examining data/openttd-1.10.3/src/script/api/script_company.cpp
Examining data/openttd-1.10.3/src/script/api/script_industrytypelist.cpp
Examining data/openttd-1.10.3/src/script/api/script_info_docs.hpp
Examining data/openttd-1.10.3/src/script/api/script_map.cpp
Examining data/openttd-1.10.3/src/script/api/script_game.cpp
Examining data/openttd-1.10.3/src/script/api/script_client.cpp
Examining data/openttd-1.10.3/src/script/api/script_storypagelist.cpp
Examining data/openttd-1.10.3/src/script/api/script_map.hpp
Examining data/openttd-1.10.3/src/script/api/script_story_page.hpp
Examining data/openttd-1.10.3/src/script/api/script_admin.hpp
Examining data/openttd-1.10.3/src/script/api/script_subsidylist.hpp
Examining data/openttd-1.10.3/src/script/api/script_infrastructure.cpp
Examining data/openttd-1.10.3/src/script/api/script_vehiclelist.cpp
Examining data/openttd-1.10.3/src/script/api/script_news.cpp
Examining data/openttd-1.10.3/src/script/api/script_depotlist.hpp
Examining data/openttd-1.10.3/src/script/api/script_tilelist.hpp
Examining data/openttd-1.10.3/src/script/api/script_object.cpp
Examining data/openttd-1.10.3/src/script/api/game_changelog.hpp
Examining data/openttd-1.10.3/src/script/api/script_subsidylist.cpp
Examining data/openttd-1.10.3/src/script/api/script_stationlist.hpp
Examining data/openttd-1.10.3/src/script/api/script_industrytypelist.hpp
Examining data/openttd-1.10.3/src/script/api/script_testmode.cpp
Examining data/openttd-1.10.3/src/script/api/script_goal.cpp
Examining data/openttd-1.10.3/src/script/api/script_accounting.hpp
Examining data/openttd-1.10.3/src/script/api/script_text.cpp
Examining data/openttd-1.10.3/src/script/api/script_waypointlist.cpp
Examining data/openttd-1.10.3/src/script/api/script_storypagelist.hpp
Examining data/openttd-1.10.3/src/script/api/script_game.hpp
Examining data/openttd-1.10.3/src/script/api/script_list.hpp
Examining data/openttd-1.10.3/src/script/script_config.cpp
Examining data/openttd-1.10.3/src/script/script_fatalerror.hpp
Examining data/openttd-1.10.3/src/script/squirrel_helper.hpp
Examining data/openttd-1.10.3/src/script/script_instance.cpp
Examining data/openttd-1.10.3/src/script/squirrel.cpp
Examining data/openttd-1.10.3/src/script/squirrel.hpp
Examining data/openttd-1.10.3/src/script/script_instance.hpp
Examining data/openttd-1.10.3/src/script/squirrel_std.hpp
Examining data/openttd-1.10.3/src/script/squirrel_std.cpp
Examining data/openttd-1.10.3/src/script/script_suspend.hpp
Examining data/openttd-1.10.3/src/script/script_info_dummy.cpp
Examining data/openttd-1.10.3/src/script/script_scanner.hpp
Examining data/openttd-1.10.3/src/script/script_storage.hpp
Examining data/openttd-1.10.3/src/script/squirrel_class.hpp
Examining data/openttd-1.10.3/src/script/script_info.hpp
Examining data/openttd-1.10.3/src/spritecache.cpp
Examining data/openttd-1.10.3/src/terraform_gui.h
Examining data/openttd-1.10.3/src/gfx_func.h
Examining data/openttd-1.10.3/src/currency.cpp
Examining data/openttd-1.10.3/src/group_gui.h
Examining data/openttd-1.10.3/src/signal.cpp
Examining data/openttd-1.10.3/src/depot_type.h
Examining data/openttd-1.10.3/src/cargotype.h
Examining data/openttd-1.10.3/src/date_gui.h
Examining data/openttd-1.10.3/src/engine_gui.cpp
Examining data/openttd-1.10.3/src/effectvehicle.cpp
Examining data/openttd-1.10.3/src/newgrf_airport.h
Examining data/openttd-1.10.3/src/order_backup.cpp
Examining data/openttd-1.10.3/src/economy_base.h
Examining data/openttd-1.10.3/src/viewport_type.h
Examining data/openttd-1.10.3/src/autoreplace.cpp
Examining data/openttd-1.10.3/src/texteff.cpp
Examining data/openttd-1.10.3/src/engine_type.h
Examining data/openttd-1.10.3/src/table/landscape_sprite.h
Examining data/openttd-1.10.3/src/table/townname.h
Examining data/openttd-1.10.3/src/table/town_land.h
Examining data/openttd-1.10.3/src/table/control_codes.h
Examining data/openttd-1.10.3/src/table/airport_movement.h
Examining data/openttd-1.10.3/src/table/newgrf_debug_data.h
Examining data/openttd-1.10.3/src/table/railtypes.h
Examining data/openttd-1.10.3/src/table/build_industry.h
Examining data/openttd-1.10.3/src/table/clear_land.h
Examining data/openttd-1.10.3/src/table/animcursors.h
Examining data/openttd-1.10.3/src/table/engines.h
Examining data/openttd-1.10.3/src/table/palettes.h
Examining data/openttd-1.10.3/src/table/string_colours.h
Examining data/openttd-1.10.3/src/table/palette_convert.h
Examining data/openttd-1.10.3/src/table/road_land.h
Examining data/openttd-1.10.3/src/table/airporttile_ids.h
Examining data/openttd-1.10.3/src/table/airport_defaults.h
Examining data/openttd-1.10.3/src/table/track_land.h
Examining data/openttd-1.10.3/src/table/airporttiles.h
Examining data/openttd-1.10.3/src/table/object_land.h
Examining data/openttd-1.10.3/src/table/strgen_tables.h
Examining data/openttd-1.10.3/src/table/water_land.h
Examining data/openttd-1.10.3/src/table/heightmap_colours.h
Examining data/openttd-1.10.3/src/table/sprites.h
Examining data/openttd-1.10.3/src/table/bridge_land.h
Examining data/openttd-1.10.3/src/table/station_land.h
Examining data/openttd-1.10.3/src/table/elrail_data.h
Examining data/openttd-1.10.3/src/table/train_cmd.h
Examining data/openttd-1.10.3/src/table/roadveh_movement.h
Examining data/openttd-1.10.3/src/table/cargo_const.h
Examining data/openttd-1.10.3/src/table/autorail.h
Examining data/openttd-1.10.3/src/table/genland.h
Examining data/openttd-1.10.3/src/table/unicode.h
Examining data/openttd-1.10.3/src/table/pricebase.h
Examining data/openttd-1.10.3/src/table/industry_land.h
Examining data/openttd-1.10.3/src/table/roadtypes.h
Examining data/openttd-1.10.3/src/table/tree_land.h
Examining data/openttd-1.10.3/src/roadstop_base.h
Examining data/openttd-1.10.3/src/news_gui.h
Examining data/openttd-1.10.3/src/textfile_gui.h
Examining data/openttd-1.10.3/src/command_type.h
Examining data/openttd-1.10.3/src/waypoint_cmd.cpp
Examining data/openttd-1.10.3/src/order_backup.h
Examining data/openttd-1.10.3/src/animated_tile_func.h
Examining data/openttd-1.10.3/src/fileio_type.h
Examining data/openttd-1.10.3/src/autoreplace_type.h
Examining data/openttd-1.10.3/src/order_type.h
Examining data/openttd-1.10.3/src/subsidy.cpp
Examining data/openttd-1.10.3/src/tar_type.h
Examining data/openttd-1.10.3/src/openttd.h
Examining data/openttd-1.10.3/src/vehicle_gui.cpp
Examining data/openttd-1.10.3/src/thread.h
Examining data/openttd-1.10.3/src/debug.cpp
Examining data/openttd-1.10.3/src/rev.h
Examining data/openttd-1.10.3/src/mixer.cpp
Examining data/openttd-1.10.3/src/newgrf_townname.cpp
Examining data/openttd-1.10.3/src/fileio_func.h
Examining data/openttd-1.10.3/src/transparency_gui.cpp
Examining data/openttd-1.10.3/src/road_internal.h
Examining data/openttd-1.10.3/src/ship_gui.cpp
Examining data/openttd-1.10.3/src/newgrf_industrytiles.cpp
Examining data/openttd-1.10.3/src/company_func.h
Examining data/openttd-1.10.3/src/cargo_type.h
Examining data/openttd-1.10.3/src/group.h
Examining data/openttd-1.10.3/src/tunnel_map.cpp
Examining data/openttd-1.10.3/src/town_cmd.cpp
Examining data/openttd-1.10.3/src/newgrf_debug_gui.cpp
Examining data/openttd-1.10.3/src/settings_gui.h
Examining data/openttd-1.10.3/src/road_func.h
Examining data/openttd-1.10.3/src/newgrf_generic.cpp
Examining data/openttd-1.10.3/src/town.h
Examining data/openttd-1.10.3/src/clear_map.h
Examining data/openttd-1.10.3/src/company_base.h
Examining data/openttd-1.10.3/src/tgp.h
Examining data/openttd-1.10.3/src/sound/null_s.cpp
Examining data/openttd-1.10.3/src/sound/sdl_s.h
Examining data/openttd-1.10.3/src/sound/sound_driver.hpp
Examining data/openttd-1.10.3/src/sound/xaudio2_s.cpp
Examining data/openttd-1.10.3/src/sound/cocoa_s.cpp
Examining data/openttd-1.10.3/src/sound/null_s.h
Examining data/openttd-1.10.3/src/sound/sdl2_s.cpp
Examining data/openttd-1.10.3/src/sound/allegro_s.cpp
Examining data/openttd-1.10.3/src/sound/xaudio2_s.h
Examining data/openttd-1.10.3/src/sound/sdl_s.cpp
Examining data/openttd-1.10.3/src/sound/cocoa_s.h
Examining data/openttd-1.10.3/src/sound/allegro_s.h
Examining data/openttd-1.10.3/src/sound/win32_s.cpp
Examining data/openttd-1.10.3/src/sound/win32_s.h
Examining data/openttd-1.10.3/src/cpu.cpp
Examining data/openttd-1.10.3/src/newgrf_industries.cpp
Examining data/openttd-1.10.3/src/news_type.h
Examining data/openttd-1.10.3/src/textfile_gui.cpp
Examining data/openttd-1.10.3/src/ship.h
Examining data/openttd-1.10.3/src/newgrf_house.cpp
Examining data/openttd-1.10.3/src/gfx.cpp
Examining data/openttd-1.10.3/src/linkgraph/linkgraph.cpp
Examining data/openttd-1.10.3/src/linkgraph/linkgraphschedule.h
Examining data/openttd-1.10.3/src/linkgraph/flowmapper.cpp
Examining data/openttd-1.10.3/src/linkgraph/linkgraph_gui.h
Examining data/openttd-1.10.3/src/linkgraph/mcf.cpp
Examining data/openttd-1.10.3/src/linkgraph/linkgraphschedule.cpp
Examining data/openttd-1.10.3/src/linkgraph/linkgraph_base.h
Examining data/openttd-1.10.3/src/linkgraph/linkgraph_type.h
Examining data/openttd-1.10.3/src/linkgraph/init.h
Examining data/openttd-1.10.3/src/linkgraph/linkgraph_gui.cpp
Examining data/openttd-1.10.3/src/linkgraph/refresh.h
Examining data/openttd-1.10.3/src/linkgraph/linkgraphjob_base.h
Examining data/openttd-1.10.3/src/linkgraph/linkgraphjob.h
Examining data/openttd-1.10.3/src/linkgraph/mcf.h
Examining data/openttd-1.10.3/src/linkgraph/demands.cpp
Examining data/openttd-1.10.3/src/linkgraph/linkgraph.h
Examining data/openttd-1.10.3/src/linkgraph/demands.h
Examining data/openttd-1.10.3/src/linkgraph/refresh.cpp
Examining data/openttd-1.10.3/src/linkgraph/linkgraphjob.cpp
Examining data/openttd-1.10.3/src/linkgraph/flowmapper.h
Examining data/openttd-1.10.3/src/ai/ai_gui.cpp
Examining data/openttd-1.10.3/src/ai/ai_instance.cpp
Examining data/openttd-1.10.3/src/ai/ai_info.cpp
Examining data/openttd-1.10.3/src/ai/ai_scanner.hpp
Examining data/openttd-1.10.3/src/ai/ai_config.hpp
Examining data/openttd-1.10.3/src/ai/ai_config.cpp
Examining data/openttd-1.10.3/src/ai/ai_gui.hpp
Examining data/openttd-1.10.3/src/ai/ai_info.hpp
Examining data/openttd-1.10.3/src/ai/ai_scanner.cpp
Examining data/openttd-1.10.3/src/ai/ai.hpp
Examining data/openttd-1.10.3/src/ai/ai_core.cpp
Examining data/openttd-1.10.3/src/ai/ai_instance.hpp
Examining data/openttd-1.10.3/src/newgrf_callbacks.h
Examining data/openttd-1.10.3/src/3rdparty/md5/md5.cpp
Examining data/openttd-1.10.3/src/3rdparty/md5/md5.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdaux.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdrex.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdmath.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdstring.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/include/squirrel.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/include/sqstdaux.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/include/sqstdmath.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/include/sqstdstring.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqstate.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/squtils.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqmem.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqstate.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqcompiler.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqfuncstate.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqbaselib.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/squserdata.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqvm.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqstring.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqtable.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqlexer.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqopcodes.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqfuncproto.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqpcheader.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqclass.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqclass.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqtable.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqclosure.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqdebug.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqvm.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqfuncstate.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqarray.h
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqapi.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqlexer.cpp
Examining data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqcompiler.h
Examining data/openttd-1.10.3/src/3rdparty/os2/getaddrinfo.c
Examining data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.h
Examining data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c
Examining data/openttd-1.10.3/src/3rdparty/os2/getaddrinfo.h
Examining data/openttd-1.10.3/src/station_func.h
Examining data/openttd-1.10.3/src/tilearea_type.h
Examining data/openttd-1.10.3/src/viewport.cpp
Examining data/openttd-1.10.3/src/goal.cpp
Examining data/openttd-1.10.3/src/newgrf_house.h
Examining data/openttd-1.10.3/src/vehiclelist.cpp
Examining data/openttd-1.10.3/src/tree_map.h
Examining data/openttd-1.10.3/src/house.h
Examining data/openttd-1.10.3/src/toolbar_gui.h
Examining data/openttd-1.10.3/src/tunnelbridge_map.h
Examining data/openttd-1.10.3/src/ini_load.cpp
Examining data/openttd-1.10.3/src/direction_type.h
Examining data/openttd-1.10.3/src/train_gui.cpp
Examining data/openttd-1.10.3/src/townname_func.h
Examining data/openttd-1.10.3/src/map_func.h
Examining data/openttd-1.10.3/src/string_func.h
Examining data/openttd-1.10.3/src/hotkeys.h
Examining data/openttd-1.10.3/src/newgrf_cargo.h
Examining data/openttd-1.10.3/src/bridge_map.cpp
Examining data/openttd-1.10.3/src/console_cmds.cpp
Examining data/openttd-1.10.3/src/tilematrix_type.hpp
Examining data/openttd-1.10.3/src/zoom_type.h
Examining data/openttd-1.10.3/src/vehicle_base.h
Examining data/openttd-1.10.3/src/spriteloader/grf.hpp
Examining data/openttd-1.10.3/src/spriteloader/grf.cpp
Examining data/openttd-1.10.3/src/spriteloader/spriteloader.hpp
Examining data/openttd-1.10.3/src/cheat.cpp
Examining data/openttd-1.10.3/src/highscore.h
Examining data/openttd-1.10.3/src/object_base.h
Examining data/openttd-1.10.3/src/autoreplace_gui.cpp
Examining data/openttd-1.10.3/src/newgrf_debug.h
Examining data/openttd-1.10.3/src/newgrf_canal.h
Examining data/openttd-1.10.3/src/map.cpp
Examining data/openttd-1.10.3/src/rail_gui.cpp
Examining data/openttd-1.10.3/src/sprite.cpp
Examining data/openttd-1.10.3/src/newgrf_railtype.cpp
Examining data/openttd-1.10.3/src/train_cmd.cpp
Examining data/openttd-1.10.3/src/cheat_type.h
Examining data/openttd-1.10.3/src/story_gui.cpp
Examining data/openttd-1.10.3/src/textbuf_gui.h
Examining data/openttd-1.10.3/src/object_type.h
Examining data/openttd-1.10.3/src/road.h
Examining data/openttd-1.10.3/src/news_func.h
Examining data/openttd-1.10.3/src/depot_cmd.cpp
Examining data/openttd-1.10.3/src/story.cpp
Examining data/openttd-1.10.3/src/statusbar_gui.cpp
Examining data/openttd-1.10.3/src/goal_base.h
Examining data/openttd-1.10.3/src/cheat_gui.cpp
Examining data/openttd-1.10.3/src/newgrf_industries.h
Examining data/openttd-1.10.3/src/cargopacket.cpp
Examining data/openttd-1.10.3/src/date.cpp
Examining data/openttd-1.10.3/src/settings_gui.cpp
Examining data/openttd-1.10.3/src/town_gui.cpp
Examining data/openttd-1.10.3/src/story_base.h
Examining data/openttd-1.10.3/src/water.h
Examining data/openttd-1.10.3/src/newgrf_commons.cpp
Examining data/openttd-1.10.3/src/progress.cpp
Examining data/openttd-1.10.3/src/depend/depend.cpp
Examining data/openttd-1.10.3/src/console_internal.h
Examining data/openttd-1.10.3/src/tunnel_map.h
Examining data/openttd-1.10.3/src/track_func.h
Examining data/openttd-1.10.3/src/station_gui.h
Examining data/openttd-1.10.3/src/fontcache.cpp
Examining data/openttd-1.10.3/src/gamelog_internal.h
Examining data/openttd-1.10.3/src/rail_gui.h
Examining data/openttd-1.10.3/src/newgrf.h
Examining data/openttd-1.10.3/src/effectvehicle_base.h
Examining data/openttd-1.10.3/src/newgrf_storage.h
Examining data/openttd-1.10.3/src/textbuf.cpp
Examining data/openttd-1.10.3/src/screenshot.h
Examining data/openttd-1.10.3/src/newgrf_animation_type.h
Examining data/openttd-1.10.3/src/tree_cmd.cpp
Examining data/openttd-1.10.3/src/pbs.h
Examining data/openttd-1.10.3/src/crashlog.cpp
Examining data/openttd-1.10.3/src/articulated_vehicles.h
Examining data/openttd-1.10.3/src/safeguards.h
Examining data/openttd-1.10.3/src/framerate_type.h
Examining data/openttd-1.10.3/src/roadveh_gui.cpp
Examining data/openttd-1.10.3/src/roadstop.cpp
Examining data/openttd-1.10.3/src/newgrf_railtype.h
Examining data/openttd-1.10.3/src/gfxinit.h
Examining data/openttd-1.10.3/src/autoslope.h
Examining data/openttd-1.10.3/src/main_gui.cpp
Examining data/openttd-1.10.3/src/vehicle_cmd.cpp
Examining data/openttd-1.10.3/src/economy_func.h
Examining data/openttd-1.10.3/src/aircraft_cmd.cpp
Examining data/openttd-1.10.3/src/road_cmd.h
Examining data/openttd-1.10.3/src/music/midifile.hpp
Examining data/openttd-1.10.3/src/music/allegro_m.cpp
Examining data/openttd-1.10.3/src/music/fluidsynth.h
Examining data/openttd-1.10.3/src/music/midifile.cpp
Examining data/openttd-1.10.3/src/music/dmusic.h
Examining data/openttd-1.10.3/src/music/cocoa_m.cpp
Examining data/openttd-1.10.3/src/music/midi.h
Examining data/openttd-1.10.3/src/music/fluidsynth.cpp
Examining data/openttd-1.10.3/src/music/win32_m.h
Examining data/openttd-1.10.3/src/music/null_m.h
Examining data/openttd-1.10.3/src/music/os2_m.h
Examining data/openttd-1.10.3/src/music/qtmidi.h
Examining data/openttd-1.10.3/src/music/dmusic.cpp
Examining data/openttd-1.10.3/src/music/bemidi.h
Examining data/openttd-1.10.3/src/music/extmidi.h
Examining data/openttd-1.10.3/src/music/qtmidi.cpp
Examining data/openttd-1.10.3/src/music/os2_m.cpp
Examining data/openttd-1.10.3/src/music/music_driver.hpp
Examining data/openttd-1.10.3/src/music/win32_m.cpp
Examining data/openttd-1.10.3/src/music/extmidi.cpp
Examining data/openttd-1.10.3/src/music/null_m.cpp
Examining data/openttd-1.10.3/src/music/cocoa_m.h
Examining data/openttd-1.10.3/src/music/allegro_m.h
Examining data/openttd-1.10.3/src/music/bemidi.cpp
Examining data/openttd-1.10.3/src/station_base.h
Examining data/openttd-1.10.3/src/bridge.h
Examining data/openttd-1.10.3/src/terraform_gui.cpp
Examining data/openttd-1.10.3/src/console_gui.cpp
Examining data/openttd-1.10.3/src/string_type.h
Examining data/openttd-1.10.3/src/strings.cpp
FINAL RESULTS:
data/openttd-1.10.3/src/os/windows/win32.cpp:690:5: [5] (buffer) _tcsncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or
automatically resizing strings. Risk is high; the length parameter appears
to be a constant, instead of computing the number of characters left.
_tcsncat(pszPath, _T("\\Fonts"), MAX_PATH);
data/openttd-1.10.3/src/safeguards.h:52:9: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
#define gets SAFEGUARD_DO_NOT_USE_THIS_METHOD
data/openttd-1.10.3/src/3rdparty/os2/getaddrinfo.c:252:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (sai->ai_canonname, hp->h_name);
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdstring.cpp:67:7: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
i += vsnprintf(&dest[i],allocated-i,fmt,va);
data/openttd-1.10.3/src/ai/ai_gui.cpp:1347:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->break_string, this->break_editbox.text.buf, lastof(this->break_string));
data/openttd-1.10.3/src/ai/ai_scanner.cpp:101:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ai_name, nameParam, lastof(ai_name));
data/openttd-1.10.3/src/console.cpp:335:20: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
alias_stream = strecpy(alias_stream, "\"", lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:352:35: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i != 0) alias_stream = strecpy(alias_stream, " ", lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:353:23: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
alias_stream = strecpy(alias_stream, "\"", lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:354:23: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
alias_stream = strecpy(alias_stream, tokens[i], lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:355:23: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
alias_stream = strecpy(alias_stream, "\"", lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:361:22: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
alias_stream = strecpy(alias_stream, "\"", lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:363:35: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i != 0) alias_stream = strecpy(alias_stream, " ", lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:364:23: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
alias_stream = strecpy(alias_stream, tokens[i], lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:366:22: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
alias_stream = strecpy(alias_stream, "\"", lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:379:22: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
alias_stream = strecpy(alias_stream, "\"", lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:380:22: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
alias_stream = strecpy(alias_stream, tokens[param], lastof(alias_buffer));
data/openttd-1.10.3/src/console.cpp:381:22: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
alias_stream = strecpy(alias_stream, "\"", lastof(alias_buffer));
data/openttd-1.10.3/src/crashlog.cpp:429:11: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (res) strecpy(filename, _full_screenshot_name, filename_last);
data/openttd-1.10.3/src/debug.cpp:89:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, "List of debug facility names:\n", last);
data/openttd-1.10.3/src/debug.cpp:91:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, ", ", last);
data/openttd-1.10.3/src/debug.cpp:94:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, i->name, last);
data/openttd-1.10.3/src/debug.cpp:98:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, "\n\n", last);
data/openttd-1.10.3/src/depend/depend.cpp:66:7: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
char *strecpy(char *dst, const char *src, const char *last)
data/openttd-1.10.3/src/depend/depend.cpp:105:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(dst, src, last);
data/openttd-1.10.3/src/depend/depend.cpp:529:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(filename, R_OK) == 0) return strdup(filename);
data/openttd-1.10.3/src/depend/depend.cpp:532:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(path, dirname, lastof(path));
data/openttd-1.10.3/src/depend/depend.cpp:545:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(path, R_OK) == 0) return strdup(path);
data/openttd-1.10.3/src/depend/depend.cpp:550:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(path, *it, lastof(path));
data/openttd-1.10.3/src/depend/depend.cpp:563:7: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if (access(path, R_OK) == 0) return strdup(path);
data/openttd-1.10.3/src/depend/depend.cpp:647:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (verbose) fprintf(stderr, open ? "(" : " ");
data/openttd-1.10.3/src/depend/depend.cpp:764:11: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(path, filename, lastof(path));
data/openttd-1.10.3/src/depend/depend.cpp:993:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(backup, filename, lastof(backup));
data/openttd-1.10.3/src/driver.cpp:139:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buffer, name, lastof(buffer));
data/openttd-1.10.3/src/driver.cpp:221:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf, GetDriverTypeName(type), lastof(buf));
data/openttd-1.10.3/src/driver.cpp:222:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf + 5, name, lastof(buf));
data/openttd-1.10.3/src/driver.cpp:237:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf, GetDriverTypeName(type), lastof(buf));
data/openttd-1.10.3/src/driver.cpp:238:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf + 5, this->name, lastof(buf));
data/openttd-1.10.3/src/fileio.cpp:18:10: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
# define access _taccess
data/openttd-1.10.3/src/fileio.cpp:327:9: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
return access(OTTD2FS(filename), 0) == 0;
data/openttd-1.10.3/src/fileio.cpp:394:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf, _personal_dir, last);
data/openttd-1.10.3/src/fileio.cpp:413:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf, filename, lastof(buf));
data/openttd-1.10.3/src/fileio.cpp:482:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(resolved_name, filename, lastof(resolved_name));
data/openttd-1.10.3/src/fileio.cpp:517:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(resolved_name2, &(resolved_name[len]), lastof(resolved_name2));
data/openttd-1.10.3/src/fileio.cpp:518:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(resolved_name, dest.c_str(), lastof(resolved_name));
data/openttd-1.10.3/src/fileio.cpp:519:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(&(resolved_name[dest.length()]), resolved_name2, lastof(resolved_name));
data/openttd-1.10.3/src/fileio.cpp:559:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(dirname, name, lastof(dirname));
data/openttd-1.10.3/src/fileio.cpp:767:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(name, th.prefix, lastof(name));
data/openttd-1.10.3/src/fileio.cpp:775:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf, th.size, lastof(buf));
data/openttd-1.10.3/src/fileio.cpp:804:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(link, th.linkname, lastof(link));
data/openttd-1.10.3/src/fileio.cpp:820:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(dest, name, lastof(dest));
data/openttd-1.10.3/src/fileio.cpp:851:38: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (destpos != dest) destpos = strecpy(destpos, PATHSEP, lastof(dest));
data/openttd-1.10.3/src/fileio.cpp:852:17: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
destpos = strecpy(destpos, pos, lastof(dest));
data/openttd-1.10.3/src/fileio.cpp:938:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(filename, tar_filename, lastof(filename));
data/openttd-1.10.3/src/fileio.cpp:944:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(p, dirname, lastof(filename));
data/openttd-1.10.3/src/fileio.cpp:951:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(p, (*it2).first.c_str(), lastof(filename));
data/openttd-1.10.3/src/fileio.cpp:1012:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(tmp, exe, lastof(tmp));
data/openttd-1.10.3/src/fileio.cpp:1461:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(path, directory, lastof(path));
data/openttd-1.10.3/src/fios.cpp:208:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, path, last);
data/openttd-1.10.3/src/fios.cpp:243:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ext + 1, GetCurrentScreenshotExtension(), lastof(ext));
data/openttd-1.10.3/src/fios.cpp:335:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(fios->name, filename, lastof(fios->name));
data/openttd-1.10.3/src/fios.cpp:343:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(fios->title, t, lastof(fios->title));
data/openttd-1.10.3/src/fios.cpp:373:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(fios->name, "..", lastof(fios->name));
data/openttd-1.10.3/src/fios.cpp:374:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(fios->title, ".. (Parent directory)", lastof(fios->title));
data/openttd-1.10.3/src/fios.cpp:380:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(d_name, FS2OTTD(dirent->d_name), lastof(d_name));
data/openttd-1.10.3/src/fios.cpp:389:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(fios->name, d_name, lastof(fios->name));
data/openttd-1.10.3/src/fios.cpp:435:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf, file, lastof(buf));
data/openttd-1.10.3/src/fios.cpp:703:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(id.filename, filename, lastof(id.filename));
data/openttd-1.10.3/src/fios.cpp:713:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(basename, filename, lastof(basename));
data/openttd-1.10.3/src/fios_gui.cpp:385:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(o_dir.name, _personal_dir, lastof(o_dir.name));
data/openttd-1.10.3/src/fontdetection.cpp:325:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(font_name + strlen(font_name) + 1, english_name, lastof(font_name));
data/openttd-1.10.3/src/fontdetection.cpp:463:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(lang, "zh-Hant", lastof(lang));
data/openttd-1.10.3/src/fontdetection.cpp:466:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(lang, "zh-Hans", lastof(lang));
data/openttd-1.10.3/src/fontdetection.cpp:469:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(lang, language_isocode, lastof(lang));
data/openttd-1.10.3/src/game/game_scanner.cpp:40:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(game_name, nameParam, lastof(game_name));
data/openttd-1.10.3/src/game/game_text.cpp:149:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buffer, this->p->c_str(), last);
data/openttd-1.10.3/src/game/game_text.cpp:253:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(filename, info->GetMainScript(), lastof(filename));
data/openttd-1.10.3/src/game/game_text.cpp:258:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(e, "lang" PATHSEP "english.txt", lastof(filename));
data/openttd-1.10.3/src/game/game_text.cpp:270:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(e, "lang" PATHSEP, lastof(filename));
data/openttd-1.10.3/src/game/game_text.cpp:377:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(temp, _current_language->file, lastof(temp));
data/openttd-1.10.3/src/gamelog.cpp:446:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(lc->revision.text, GetGamelogRevisionString(), lastof(lc->revision.text));
data/openttd-1.10.3/src/genworld_gui.cpp:843:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(w->name, _file_to_saveload.title, lastof(w->name));
data/openttd-1.10.3/src/ini.cpp:50:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(file_new, filename, lastof(file_new));
data/openttd-1.10.3/src/misc_gui.cpp:338:23: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (found) strp = strecpy(strp, ", ", lastof(this->landinfo_data[LAND_INFO_MULTICENTER_LINE]));
data/openttd-1.10.3/src/music.cpp:148:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->songinfo[i].songname, songname, lastof(this->songinfo[i].songname));
data/openttd-1.10.3/src/music.cpp:169:6: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->songinfo[i].songname, item->value, lastof(this->songinfo[i].songname));
data/openttd-1.10.3/src/music/extmidi.cpp:91:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->song, filename.c_str(), lastof(this->song));
data/openttd-1.10.3/src/music/extmidi.cpp:124:5: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(this->params[0], this->params);
data/openttd-1.10.3/src/network/core/address.cpp:79:58: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (this->GetAddress()->ss_family == AF_INET6) buffer = strecpy(buffer, "[", last);
data/openttd-1.10.3/src/network/core/address.cpp:80:11: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buffer = strecpy(buffer, this->GetHostname(), last);
data/openttd-1.10.3/src/network/core/address.cpp:81:58: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (this->GetAddress()->ss_family == AF_INET6) buffer = strecpy(buffer, "]", last);
data/openttd-1.10.3/src/network/core/address.cpp:239:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->hostname, fam == AF_INET ? "0.0.0.0" : "::", lastof(this->hostname));
data/openttd-1.10.3/src/network/core/address.cpp:244:22: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (reset_hostname) strecpy(this->hostname, "", lastof(this->hostname));
data/openttd-1.10.3/src/network/core/address.h:85:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->hostname, StrEmpty(hostname) ? "" : hostname, lastof(this->hostname));
data/openttd-1.10.3/src/network/core/host.cpp:170:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(r.ifr_name, req->ifr_name, lastof(r.ifr_name));
data/openttd-1.10.3/src/network/network.cpp:603:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(host, b, lastof(host));
data/openttd-1.10.3/src/network/network.cpp:605:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_settings_client.network.connect_to_ip, b, lastof(_settings_client.network.connect_to_ip));
data/openttd-1.10.3/src/network/network.cpp:671:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_settings_client.network.last_host, address.GetHostname(), lastof(_settings_client.network.last_host));
data/openttd-1.10.3/src/network/network.cpp:700:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ci->client_name, _settings_client.network.client_name, lastof(ci->client_name));
data/openttd-1.10.3/src/network/network.cpp:1125:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(network_revision + hashofs, githash_suffix, network_revision + NETWORK_REVISION_LENGTH);
data/openttd-1.10.3/src/network/network_chat_gui.cpp:98:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(cmsg->message, buf, lastof(cmsg->message));
data/openttd-1.10.3/src/network/network_client.cpp:634:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ci->client_name, name, lastof(ci->client_name));
data/openttd-1.10.3/src/network/network_client.cpp:653:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ci->client_name, name, lastof(ci->client_name));
data/openttd-1.10.3/src/network/network_client.cpp:1269:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ci->client_name, _settings_client.network.client_name, lastof(ci->client_name));
data/openttd-1.10.3/src/network/network_command.cpp:148:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(c.text, (text != nullptr) ? text : "", lastof(c.text));
data/openttd-1.10.3/src/network/network_content.cpp:142:28: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (StrEmpty(ci->name)) strecpy(ci->name, ici->name, lastof(ci->name));
data/openttd-1.10.3/src/network/network_content.cpp:663:7: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (strecpy(tmp, p, lastof(tmp)) == lastof(tmp)) {
data/openttd-1.10.3/src/network/network_content.cpp:674:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->curInfo->filename, tmp, lastof(this->curInfo->filename));
data/openttd-1.10.3/src/network/network_content_gui.cpp:148:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->name, ci->filename, lastof(this->name));
data/openttd-1.10.3/src/network/network_content_gui.cpp:328:15: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
char *pos = strecpy(url, "http://grfsearch.openttd.org/?", last);
data/openttd-1.10.3/src/network/network_content_gui.cpp:331:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
pos = strecpy(pos, "do=searchgrfid&q=", last);
data/openttd-1.10.3/src/network/network_content_gui.cpp:337:23: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (!first) pos = strecpy(pos, ",", last);
data/openttd-1.10.3/src/network/network_content_gui.cpp:341:11: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
pos = strecpy(pos, ":", last);
data/openttd-1.10.3/src/network/network_content_gui.cpp:345:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
pos = strecpy(pos, "do=searchtext&q=", last);
data/openttd-1.10.3/src/network/network_gamelist.cpp:53:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(item->info.server_name, ins_item->info.server_name, lastof(item->info.server_name));
data/openttd-1.10.3/src/network/network_gamelist.cpp:54:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(item->info.hostname, ins_item->info.hostname, lastof(item->info.hostname));
data/openttd-1.10.3/src/network/network_gui.cpp:891:6: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_settings_client.network.client_name, this->name_editbox.text.buf, lastof(_settings_client.network.client_name));
data/openttd-1.10.3/src/network/network_gui.cpp:893:6: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_settings_client.network.client_name, "Player", lastof(_settings_client.network.client_name));
data/openttd-1.10.3/src/network/network_gui.cpp:1230:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_settings_client.network.server_name, this->name_editbox.text.buf, lastof(_settings_client.network.server_name));
data/openttd-1.10.3/src/network/network_gui.cpp:1250:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_settings_client.network.server_password, str, lastof(_settings_client.network.server_password));
data/openttd-1.10.3/src/network/network_gui.cpp:2204:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_settings_client.network.default_company_pass, this->password_editbox.text.buf, lastof(_settings_client.network.default_company_pass));
data/openttd-1.10.3/src/network/network_server.cpp:370:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(clients[ci->client_playas], ci->client_name, lastof(clients[ci->client_playas]));
data/openttd-1.10.3/src/network/network_server.cpp:934:22: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (StrEmpty(name)) strecpy(name, "Player", lastof(name));
data/openttd-1.10.3/src/network/network_server.cpp:945:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ci->client_name, name, lastof(ci->client_name));
data/openttd-1.10.3/src/network/network_server.cpp:1436:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ci->client_name, client_name, lastof(ci->client_name));
data/openttd-1.10.3/src/network/network_server.cpp:1707:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(original_name, new_name, lastof(original_name));
data/openttd-1.10.3/src/network/network_server.cpp:1754:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ci->client_name, new_name, lastof(ci->client_name));
data/openttd-1.10.3/src/network/network_server.cpp:1774:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_network_company_states[company_id].password, password, lastof(_network_company_states[company_id].password));
data/openttd-1.10.3/src/network/network_server.cpp:2142:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(client_name, ci->client_name, last);
data/openttd-1.10.3/src/network/network_udp.cpp:61:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(item->info.hostname, address.GetHostname(), lastof(item->info.hostname));
data/openttd-1.10.3/src/network/network_udp.cpp:160:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ngi.map_name, _network_game_info.map_name, lastof(ngi.map_name));
data/openttd-1.10.3/src/network/network_udp.cpp:161:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ngi.server_name, _settings_client.network.server_name, lastof(ngi.server_name));
data/openttd-1.10.3/src/network/network_udp.cpp:162:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ngi.server_revision, GetNetworkRevisionString(), lastof(ngi.server_revision));
data/openttd-1.10.3/src/network/network_udp.cpp:282:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(name, in_reply[i]->GetName(), lastof(name));
data/openttd-1.10.3/src/newgrf_config.cpp:894:33: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (c->num_params == 0) return strecpy(dst, "", last);
data/openttd-1.10.3/src/newgrf_config.cpp:897:20: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i > 0) dst = strecpy(dst, " ", last);
data/openttd-1.10.3/src/newgrf_gui.cpp:1553:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(ci->name, c->GetName(), lastof(ci->name));
data/openttd-1.10.3/src/newgrf_townname.cpp:93:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf, "", last);
data/openttd-1.10.3/src/openttd.cpp:85:50: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
extern void ShowOSErrorBox(const char *buf, bool system);
data/openttd-1.10.3/src/openttd.cpp:154:6: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
p = strecpy(p,
data/openttd-1.10.3/src/openttd.cpp:244:6: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
p = strecpy(p, "NewGRFs:\n", lastof(buf));
data/openttd-1.10.3/src/os/os2/os2.cpp:85:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(fios->title, fios->name, lastof(fios->title));
data/openttd-1.10.3/src/os/os2/os2.cpp:155:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void ShowOSErrorBox(const char *buf, bool system)
data/openttd-1.10.3/src/os/os2/os2.cpp:194:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buffer, text, last);
data/openttd-1.10.3/src/os/unix/unix.cpp:161:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(outbuf, name, outbuf + outlen);
data/openttd-1.10.3/src/os/unix/unix.cpp:226:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void ShowOSErrorBox(const char *buf, bool system)
data/openttd-1.10.3/src/os/unix/unix.cpp:280:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buffer, clip, last);
data/openttd-1.10.3/src/os/unix/unix.cpp:301:2: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(args[0], const_cast<char * const *>(args));
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:677:8: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef snprintf
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:678:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
#undef strcat
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:705:4: [4] (format) _sntprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
_sntprintf(text, len, _crash_desc, OTTD2FS(CrashLogWindows::current->crashlog_filename));
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:708:5: [4] (buffer) _tcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
_tcscat(text, OTTD2FS(CrashLogWindows::current->crashdump_filename));
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:712:5: [4] (buffer) _tcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
_tcscat(text, OTTD2FS(CrashLogWindows::current->screenshot_filename));
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:730:7: [4] (format) _sntprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
_sntprintf(text, len, _save_succeeded, OTTD2FS(filename));
data/openttd-1.10.3/src/os/windows/win32.cpp:77:43: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void ShowOSErrorBox(const char *buf, bool system)
data/openttd-1.10.3/src/os/windows/win32.cpp:85:2: [4] (shell) ShellExecute:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ShellExecute(GetActiveWindow(), _T("open"), OTTD2FS(url), nullptr, nullptr, SW_SHOWNORMAL);
data/openttd-1.10.3/src/os/windows/win32.cpp:216:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(fios->title, fios->name, lastof(fios->title));
data/openttd-1.10.3/src/os/windows/win32.cpp:251:2: [4] (format) _sntprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
_sntprintf(root, lengthof(root), _T("%c:") _T(PATHSEP), path[0]);
data/openttd-1.10.3/src/os/windows/win32.cpp:461:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(tmp, FS2OTTD(path), lastof(tmp));
data/openttd-1.10.3/src/os/windows/win32.cpp:471:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(tmp, FS2OTTD(path), lastof(tmp));
data/openttd-1.10.3/src/os/windows/win32.cpp:499:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(tmp, convert_from_fs(exec_dir, tmp, lengthof(tmp)), lastof(tmp));
data/openttd-1.10.3/src/os/windows/win32.cpp:532:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buffer, FS2OTTD(ptr), last);
data/openttd-1.10.3/src/os/windows/win32.cpp:734:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(iso, "zh-Hant", lastof(iso));
data/openttd-1.10.3/src/os/windows/win32.cpp:736:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(iso, "zh-Hans", lastof(iso));
data/openttd-1.10.3/src/os/windows/win32.cpp:739:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(iso, iso_code, lastof(iso));
data/openttd-1.10.3/src/osk_gui.cpp:364:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(keyboard[0], _keyboard_opt[0], lastof(keyboard[0]));
data/openttd-1.10.3/src/osk_gui.cpp:370:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(keyboard[1], _keyboard_opt[1], lastof(keyboard[1]));
data/openttd-1.10.3/src/safeguards.h:36:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define strcpy SAFEGUARD_DO_NOT_USE_THIS_METHOD
data/openttd-1.10.3/src/safeguards.h:40:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
#define strcat SAFEGUARD_DO_NOT_USE_THIS_METHOD
data/openttd-1.10.3/src/safeguards.h:44:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define sprintf SAFEGUARD_DO_NOT_USE_THIS_METHOD
data/openttd-1.10.3/src/safeguards.h:45:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf SAFEGUARD_DO_NOT_USE_THIS_METHOD
data/openttd-1.10.3/src/safeguards.h:48:9: [4] (buffer) vsprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define vsprintf SAFEGUARD_DO_NOT_USE_THIS_METHOD
data/openttd-1.10.3/src/safeguards.h:49:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf SAFEGUARD_DO_NOT_USE_THIS_METHOD
data/openttd-1.10.3/src/saveload/ai_sl.cpp:42:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_ai_saveload_name, config->GetName(), lastof(_ai_saveload_name));
data/openttd-1.10.3/src/saveload/game_sl.cpp:41:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_game_saveload_name, config->GetName(), lastof(_game_saveload_name));
data/openttd-1.10.3/src/saveload/oldloader.cpp:262:26: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
case SGT_TTO: title = strecpy(title, "(TTO) ", last); break;
data/openttd-1.10.3/src/saveload/oldloader.cpp:263:26: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
case SGT_TTD: title = strecpy(title, "(TTD) ", last); break;
data/openttd-1.10.3/src/saveload/oldloader.cpp:264:26: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
default: title = strecpy(title, "(broken) ", last); break;
data/openttd-1.10.3/src/saveload/oldloader.cpp:266:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(title, temp, last);
data/openttd-1.10.3/src/saveload/saveload.cpp:2894:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->name, name, lastof(this->name));
data/openttd-1.10.3/src/saveload/saveload.cpp:2903:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->title, title, lastof(this->title));
data/openttd-1.10.3/src/screenshot.cpp:314:6: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
p = strecpy(p, "NewGRFs:\n", lastof(buf));
data/openttd-1.10.3/src/screenshot.cpp:320:6: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
p = strecpy(p, "\nCompanies:\n", lastof(buf));
data/openttd-1.10.3/src/screenshot.cpp:673:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_screenshot_name, default_fn, lastof(_screenshot_name));
data/openttd-1.10.3/src/screenshot.cpp:852:23: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (name != nullptr) strecpy(_screenshot_name, name, lastof(_screenshot_name));
data/openttd-1.10.3/src/script/api/script_controller.cpp:134:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(fake_class, (*iter).second, lastof(fake_class));
data/openttd-1.10.3/src/script/script_info_dummy.cpp:93:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(dp, " }\n}\n", lastof(dummy_script));
data/openttd-1.10.3/src/script/script_scanner.cpp:49:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(p, "main.nut", end);
data/openttd-1.10.3/src/script/script_scanner.cpp:263:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(path, info->GetMainScript(), lastof(path));
data/openttd-1.10.3/src/script/squirrel_std.cpp:58:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(path, si.source, lastof(path));
data/openttd-1.10.3/src/settings.cpp:557:25: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (p != nullptr) strecpy((char*)ptr, (const char*)p, (char*)ptr + sld->length - 1);
data/openttd-1.10.3/src/settings.cpp:681:27: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
case SDT_BOOLX: strecpy(buf, (i != 0) ? "true" : "false", lastof(buf)); break;
data/openttd-1.10.3/src/settings.cpp:692:25: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
case SLE_VAR_STRB: strecpy(buf, (char*)ptr, lastof(buf)); break;
data/openttd-1.10.3/src/settings.cpp:694:25: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
case SLE_VAR_STR: strecpy(buf, *(char**)ptr, lastof(buf)); break;
data/openttd-1.10.3/src/settings.cpp:2051:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(var, value, &var[sd->save.length - 1]);
data/openttd-1.10.3/src/settings_gui.cpp:2616:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_custom_currency.separator, str, lastof(_custom_currency.separator));
data/openttd-1.10.3/src/settings_gui.cpp:2620:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_custom_currency.prefix, str, lastof(_custom_currency.prefix));
data/openttd-1.10.3/src/settings_gui.cpp:2624:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_custom_currency.suffix, str, lastof(_custom_currency.suffix));
data/openttd-1.10.3/src/stdafx.h:113:60: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define WARN_FORMAT(string, args) __attribute__ ((format (printf, string, args)))
data/openttd-1.10.3/src/strgen/strgen.cpp:49:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LINE_NUM_FMT("warning"), _file, _cur_line, buf);
data/openttd-1.10.3/src/strgen/strgen.cpp:60:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LINE_NUM_FMT("error"), _file, _cur_line, buf);
data/openttd-1.10.3/src/strgen/strgen.cpp:71:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LINE_NUM_FMT("FATAL"), _file, _cur_line, buf);
data/openttd-1.10.3/src/strgen/strgen.cpp:73:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LINE_NUM_FMT("warning"), _file, _cur_line, "language is not compiled");
data/openttd-1.10.3/src/strgen/strgen.cpp:85:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LINE_NUM_FMT("FATAL"), _file, _cur_line, buf);
data/openttd-1.10.3/src/strgen/strgen.cpp:87:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LINE_NUM_FMT("warning"), _file, _cur_line, "language is not compiled");
data/openttd-1.10.3/src/strgen/strgen.cpp:138:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.name, str + 5, lastof(_lang.name));
data/openttd-1.10.3/src/strgen/strgen.cpp:140:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.own_name, str + 8, lastof(_lang.own_name));
data/openttd-1.10.3/src/strgen/strgen.cpp:142:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.isocode, str + 8, lastof(_lang.isocode));
data/openttd-1.10.3/src/strgen/strgen.cpp:153:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.digit_group_separator, strcmp(str, "{NBSP}") == 0 ? NBSP : str, lastof(_lang.digit_group_separator));
data/openttd-1.10.3/src/strgen/strgen.cpp:156:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.digit_group_separator_currency, strcmp(str, "{NBSP}") == 0 ? NBSP : str, lastof(_lang.digit_group_separator_currency));
data/openttd-1.10.3/src/strgen/strgen.cpp:159:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.digit_decimal_separator, strcmp(str, "{NBSP}") == 0 ? NBSP : str, lastof(_lang.digit_decimal_separator));
data/openttd-1.10.3/src/strgen/strgen.cpp:183:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.genders[_lang.num_genders], s, lastof(_lang.genders[_lang.num_genders]));
data/openttd-1.10.3/src/strgen/strgen.cpp:195:4: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.cases[_lang.num_cases], s, lastof(_lang.cases[_lang.num_cases]));
data/openttd-1.10.3/src/strgen/strgen.cpp:385:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf, path, last); // copy directory into buffer
data/openttd-1.10.3/src/strgen/strgen.cpp:389:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(p, file, last); // concatenate filename at end of buffer
data/openttd-1.10.3/src/strgen/strgen.cpp:563:5: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(r, ".lng", lastof(pathbuf));
data/openttd-1.10.3/src/strgen/strgen_base.cpp:826:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.digit_group_separator, ",", lastof(_lang.digit_group_separator));
data/openttd-1.10.3/src/strgen/strgen_base.cpp:827:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.digit_group_separator_currency, ",", lastof(_lang.digit_group_separator_currency));
data/openttd-1.10.3/src/strgen/strgen_base.cpp:828:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_lang.digit_decimal_separator, ".", lastof(_lang.digit_decimal_separator));
data/openttd-1.10.3/src/string.cpp:48:8: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#undef vsnprintf
data/openttd-1.10.3/src/string.cpp:64:24: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
return min((int)diff, vsnprintf(str, diff + 1, format, ap));
data/openttd-1.10.3/src/string.cpp:91:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(dst, src, last);
data/openttd-1.10.3/src/string.cpp:111:7: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
char *strecpy(char *dst, const char *src, const char *last)
data/openttd-1.10.3/src/string.cpp:369:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int CDECL vsnprintf(char *str, size_t size, const char *format, va_list ap)
data/openttd-1.10.3/src/string_func.h:33:7: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
char *strecpy(char *dst, const char *src, const char *last);
data/openttd-1.10.3/src/strings.cpp:332:86: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if ((i % 3) == thousands_offset && i < max_digits - 1 - fractional_digits) buff = strecpy(buff, separator, last);
data/openttd-1.10.3/src/strings.cpp:456:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buff = strecpy(buff, "-", last);
data/openttd-1.10.3/src/strings.cpp:463:36: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (spec->symbol_pos != 1) buff = strecpy(buff, spec->prefix, last);
data/openttd-1.10.3/src/strings.cpp:482:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buff = strecpy(buff, multiplier, last);
data/openttd-1.10.3/src/strings.cpp:487:36: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (spec->symbol_pos != 0) buff = strecpy(buff, spec->suffix, last);
data/openttd-1.10.3/src/strings.cpp:1002:12: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buff = strecpy(buff, _openttd_revision, last);
data/openttd-1.10.3/src/strings.cpp:1612:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buff = strecpy(buff, base[num * GB(arg, 16, 8) >> 8], last);
data/openttd-1.10.3/src/strings.cpp:1613:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buff = strecpy(buff, " & Co.", last);
data/openttd-1.10.3/src/strings.cpp:1626:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buff = strecpy(buff, initial, last);
data/openttd-1.10.3/src/strings.cpp:1631:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buff = strecpy(buff, initial, last);
data/openttd-1.10.3/src/strings.cpp:1642:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buff = strecpy(buff, base[num * GB(x, 16, 8) >> 8], last);
data/openttd-1.10.3/src/strings.cpp:1651:11: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buff, _silly_company_names[min(args->GetInt32() & 0xFFFF, lengthof(_silly_company_names) - 1)], last);
data/openttd-1.10.3/src/strings.cpp:1663:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buff, " Transport", last);
data/openttd-1.10.3/src/strings.cpp:1669:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buff,
data/openttd-1.10.3/src/strings.cpp:1783:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(_config_language_file, c_file, lastof(_config_language_file));
data/openttd-1.10.3/src/strings.cpp:2072:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(settings->small.font, font_name, lastof(settings->small.font));
data/openttd-1.10.3/src/strings.cpp:2073:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(settings->medium.font, font_name, lastof(settings->medium.font));
data/openttd-1.10.3/src/strings.cpp:2074:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(settings->large.font, font_name, lastof(settings->large.font));
data/openttd-1.10.3/src/textbuf.cpp:408:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(this->buf, text, &this->buf[this->max_bytes - 1]);
data/openttd-1.10.3/src/textfile_gui.cpp:198:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(settings->mono.font, font_name, lastof(settings->mono.font));
data/openttd-1.10.3/src/textfile_gui.cpp:400:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(file_path, filename, lastof(file_path));
data/openttd-1.10.3/src/townname.cpp:238:20: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i >= 0) buf = strecpy(buf, _name_original_english_1[i], last);
data/openttd-1.10.3/src/townname.cpp:241:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_original_english_2[SeedChance(4, lengthof(_name_original_english_2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:242:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_original_english_3[SeedChance(7, lengthof(_name_original_english_3), seed)], last);
data/openttd-1.10.3/src/townname.cpp:243:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_original_english_4[SeedChance(10, lengthof(_name_original_english_4), seed)], last);
data/openttd-1.10.3/src/townname.cpp:244:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_original_english_5[SeedChance(13, lengthof(_name_original_english_5), seed)], last);
data/openttd-1.10.3/src/townname.cpp:248:20: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i >= 0) buf = strecpy(buf, _name_original_english_6[i], last);
data/openttd-1.10.3/src/townname.cpp:274:20: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i >= 0) buf = strecpy(buf, _name_additional_english_prefix[i], last);
data/openttd-1.10.3/src/townname.cpp:277:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_additional_english_1a[SeedChance(6, lengthof(_name_additional_english_1a), seed)], last);
data/openttd-1.10.3/src/townname.cpp:279:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_additional_english_1b1[SeedChance(6, lengthof(_name_additional_english_1b1), seed)], last);
data/openttd-1.10.3/src/townname.cpp:280:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_additional_english_1b2[SeedChance(9, lengthof(_name_additional_english_1b2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:282:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_additional_english_1b3a[SeedChance(12, lengthof(_name_additional_english_1b3a), seed)], last);
data/openttd-1.10.3/src/townname.cpp:284:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_additional_english_1b3b[SeedChance(12, lengthof(_name_additional_english_1b3b), seed)], last);
data/openttd-1.10.3/src/townname.cpp:288:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_additional_english_2[SeedChance(14, lengthof(_name_additional_english_2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:292:20: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i >= 0) buf = strecpy(buf, _name_additional_english_3[i], last);
data/openttd-1.10.3/src/townname.cpp:311:20: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i >= 0) buf = strecpy(buf, _name_austrian_a1[i], last);
data/openttd-1.10.3/src/townname.cpp:318:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_austrian_a2[SeedChance( 7, lengthof(_name_austrian_a2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:319:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_austrian_a3[SeedChance(13, lengthof(_name_austrian_a3), seed)], last);
data/openttd-1.10.3/src/townname.cpp:322:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_austrian_a5[SeedChance( 7, lengthof(_name_austrian_a5), seed)], last);
data/openttd-1.10.3/src/townname.cpp:323:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_austrian_a6[SeedChance( 9, lengthof(_name_austrian_a6), seed)], last);
data/openttd-1.10.3/src/townname.cpp:327:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_austrian_a4[SeedChance( 7, lengthof(_name_austrian_a4), seed)], last);
data/openttd-1.10.3/src/townname.cpp:333:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_austrian_f1[SeedChance(4, lengthof(_name_austrian_f1), seed)], last);
data/openttd-1.10.3/src/townname.cpp:334:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_austrian_f2[SeedChance(5, lengthof(_name_austrian_f2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:337:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_austrian_b1[SeedChance(4, lengthof(_name_austrian_b1), seed)], last);
data/openttd-1.10.3/src/townname.cpp:338:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_austrian_b2[SeedChance(5, lengthof(_name_austrian_b2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:358:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_german_pre[i], last);
data/openttd-1.10.3/src/townname.cpp:364:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_german_real[i], last);
data/openttd-1.10.3/src/townname.cpp:366:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_german_1[i - lengthof(_name_german_real)], last);
data/openttd-1.10.3/src/townname.cpp:369:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_german_2[i], last);
data/openttd-1.10.3/src/townname.cpp:376:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_german_3_an_der[0], last);
data/openttd-1.10.3/src/townname.cpp:377:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_german_4_an_der[i], last);
data/openttd-1.10.3/src/townname.cpp:379:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_german_3_am[0], last);
data/openttd-1.10.3/src/townname.cpp:380:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_german_4_am[i - lengthof(_name_german_4_an_der)], last);
data/openttd-1.10.3/src/townname.cpp:396:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_spanish_real[SeedChance(0, lengthof(_name_spanish_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:408:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_french_real[SeedChance(0, lengthof(_name_french_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:420:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_silly_1[SeedChance( 0, lengthof(_name_silly_1), seed)], last);
data/openttd-1.10.3/src/townname.cpp:421:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_silly_2[SeedChance(16, lengthof(_name_silly_2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:437:20: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i >= 0) buf = strecpy(buf, _name_swedish_1[i], last);
data/openttd-1.10.3/src/townname.cpp:441:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_swedish_2[SeedChance( 7, lengthof(_name_swedish_2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:443:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_swedish_2a[SeedChance( 7, lengthof(_name_swedish_2a), seed)], last);
data/openttd-1.10.3/src/townname.cpp:444:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_swedish_2b[SeedChance(10, lengthof(_name_swedish_2b), seed)], last);
data/openttd-1.10.3/src/townname.cpp:445:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_swedish_2c[SeedChance(13, lengthof(_name_swedish_2c), seed)], last);
data/openttd-1.10.3/src/townname.cpp:448:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_swedish_3[SeedChance(16, lengthof(_name_swedish_3), seed)], last);
data/openttd-1.10.3/src/townname.cpp:464:20: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i >= 0) buf = strecpy(buf, _name_dutch_1[i], last);
data/openttd-1.10.3/src/townname.cpp:468:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_dutch_2[SeedChance( 9, lengthof(_name_dutch_2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:470:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_dutch_3[SeedChance( 9, lengthof(_name_dutch_3), seed)], last);
data/openttd-1.10.3/src/townname.cpp:471:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_dutch_4[SeedChance(12, lengthof(_name_dutch_4), seed)], last);
data/openttd-1.10.3/src/townname.cpp:474:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_dutch_5[SeedChance(15, lengthof(_name_dutch_5), seed)], last);
data/openttd-1.10.3/src/townname.cpp:492:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_finnish_real[SeedChance(2, lengthof(_name_finnish_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:500:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_finnish_1[sel], last);
data/openttd-1.10.3/src/townname.cpp:506:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, "la", last);
data/openttd-1.10.3/src/townname.cpp:508:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, "l\xC3\xA4", last);
data/openttd-1.10.3/src/townname.cpp:517:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_finnish_2[sel - lengthof(_name_finnish_1)], last);
data/openttd-1.10.3/src/townname.cpp:519:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_finnish_1[sel], last);
data/openttd-1.10.3/src/townname.cpp:522:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_finnish_3[SeedChance(10, lengthof(_name_finnish_3), seed)], last);
data/openttd-1.10.3/src/townname.cpp:545:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_polish_2_o[SeedChance(3, lengthof(_name_polish_2_o), seed)], last);
data/openttd-1.10.3/src/townname.cpp:550:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_polish_1_m[SeedChance(5, lengthof(_name_polish_1_m), seed)], last);
data/openttd-1.10.3/src/townname.cpp:553:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_polish_2_m[SeedChance(7, lengthof(_name_polish_2_m), seed)], last);
data/openttd-1.10.3/src/townname.cpp:556:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_polish_3_m[SeedChance(10, lengthof(_name_polish_3_m), seed)], last);
data/openttd-1.10.3/src/townname.cpp:564:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_polish_1_f[SeedChance(5, lengthof(_name_polish_1_f), seed)], last);
data/openttd-1.10.3/src/townname.cpp:567:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_polish_2_f[SeedChance(7, lengthof(_name_polish_2_f), seed)], last);
data/openttd-1.10.3/src/townname.cpp:570:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_polish_3_f[SeedChance(10, lengthof(_name_polish_3_f), seed)], last);
data/openttd-1.10.3/src/townname.cpp:577:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_polish_1_n[SeedChance(5, lengthof(_name_polish_1_n), seed)], last);
data/openttd-1.10.3/src/townname.cpp:580:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_polish_2_n[SeedChance(7, lengthof(_name_polish_2_n), seed)], last);
data/openttd-1.10.3/src/townname.cpp:583:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_polish_3_n[SeedChance(10, lengthof(_name_polish_3_n), seed)], last);
data/openttd-1.10.3/src/townname.cpp:600:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_czech_real[SeedModChance(4, lengthof(_name_czech_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:711:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_czech_adj[prefix].name, last);
data/openttd-1.10.3/src/townname.cpp:725:13: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
endpos = strecpy(endpos, _name_czech_patmod[gender][pattern], last);
data/openttd-1.10.3/src/townname.cpp:728:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(endpos, " ", last);
data/openttd-1.10.3/src/townname.cpp:732:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_czech_subst_stem[stem].name, last);
data/openttd-1.10.3/src/townname.cpp:745:11: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, poststr, last);
data/openttd-1.10.3/src/townname.cpp:757:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_czech_subst_ending[ending].name, last);
data/openttd-1.10.3/src/townname.cpp:759:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_czech_subst_full[stem].name, last);
data/openttd-1.10.3/src/townname.cpp:763:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, " ", last);
data/openttd-1.10.3/src/townname.cpp:764:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_czech_suffix[suffix], last);
data/openttd-1.10.3/src/townname.cpp:779:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_romanian_real[SeedChance(0, lengthof(_name_romanian_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:791:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_slovak_real[SeedChance(0, lengthof(_name_slovak_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:807:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_norwegian_real[SeedChance(4, lengthof(_name_norwegian_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:811:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_norwegian_1[SeedChance(4, lengthof(_name_norwegian_1), seed)], last);
data/openttd-1.10.3/src/townname.cpp:813:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_norwegian_2[SeedChance(11, lengthof(_name_norwegian_2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:828:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_hungarian_real[SeedChance(0, lengthof(_name_hungarian_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:833:45: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i < lengthof(_name_hungarian_1)) buf = strecpy(buf, _name_hungarian_1[i], last);
data/openttd-1.10.3/src/townname.cpp:836:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_hungarian_2[SeedChance(3, lengthof(_name_hungarian_2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:837:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_hungarian_3[SeedChance(6, lengthof(_name_hungarian_3), seed)], last);
data/openttd-1.10.3/src/townname.cpp:842:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_hungarian_4[i], last);
data/openttd-1.10.3/src/townname.cpp:857:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_swiss_real[SeedChance(0, lengthof(_name_swiss_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:871:20: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
if (i >= 0) buf = strecpy(buf, _name_danish_1[i], last);
data/openttd-1.10.3/src/townname.cpp:874:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_danish_2[SeedChance( 7, lengthof(_name_danish_2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:875:8: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_danish_3[SeedChance(16, lengthof(_name_danish_3), seed)], last);
data/openttd-1.10.3/src/townname.cpp:893:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_turkish_prefix[SeedModChance( 2, lengthof(_name_turkish_prefix), seed)], last);
data/openttd-1.10.3/src/townname.cpp:896:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_turkish_middle[SeedModChance( 4, lengthof(_name_turkish_middle), seed)], last);
data/openttd-1.10.3/src/townname.cpp:900:11: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_turkish_suffix[SeedModChance( 10, lengthof(_name_turkish_suffix), seed)], last);
data/openttd-1.10.3/src/townname.cpp:905:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_turkish_prefix[SeedModChance( 2, lengthof(_name_turkish_prefix), seed)], last);
data/openttd-1.10.3/src/townname.cpp:906:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_turkish_suffix[SeedModChance( 4, lengthof(_name_turkish_suffix), seed)], last);
data/openttd-1.10.3/src/townname.cpp:910:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_turkish_real[SeedModChance( 4, lengthof(_name_turkish_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:927:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_italian_real[SeedModChance(4, lengthof(_name_italian_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:936:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_italian_pref[SeedModChance(11, lengthof(_name_italian_pref), seed)], last);
data/openttd-1.10.3/src/townname.cpp:941:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_italian_1m[SeedModChance(4, lengthof(_name_italian_1m), seed)], last);
data/openttd-1.10.3/src/townname.cpp:943:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_italian_1f[SeedModChance(4, lengthof(_name_italian_1f), seed)], last);
data/openttd-1.10.3/src/townname.cpp:947:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_italian_2[SeedModChance(11, lengthof(_name_italian_2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:948:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, mascul_femin_italian[i], last);
data/openttd-1.10.3/src/townname.cpp:950:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_italian_2i[SeedModChance(16, lengthof(_name_italian_2i), seed)], last);
data/openttd-1.10.3/src/townname.cpp:955:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_italian_3[SeedModChance(4, lengthof(_name_italian_3), seed)], last);
data/openttd-1.10.3/src/townname.cpp:957:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_italian_river1[SeedModChance(4, lengthof(_name_italian_river1), seed)], last);
data/openttd-1.10.3/src/townname.cpp:958:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_italian_river2[SeedModChance(16, lengthof(_name_italian_river2), seed)], last);
data/openttd-1.10.3/src/townname.cpp:975:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, _name_catalan_real[SeedModChance(4, lengthof(_name_catalan_real), seed)], last);
data/openttd-1.10.3/src/townname.cpp:979:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_catalan_pref[SeedModChance(11, lengthof(_name_catalan_pref), seed)], last);
data/openttd-1.10.3/src/townname.cpp:984:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_catalan_1m[SeedModChance(4, lengthof(_name_catalan_1m), seed)], last);
data/openttd-1.10.3/src/townname.cpp:985:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_catalan_2m[SeedModChance(11, lengthof(_name_catalan_2m), seed)], last);
data/openttd-1.10.3/src/townname.cpp:987:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_catalan_1f[SeedModChance(4, lengthof(_name_catalan_1f), seed)], last);
data/openttd-1.10.3/src/townname.cpp:988:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_catalan_2f[SeedModChance(11, lengthof(_name_catalan_2f), seed)], last);
data/openttd-1.10.3/src/townname.cpp:993:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_catalan_3[SeedModChance(4, lengthof(_name_catalan_3), seed)], last);
data/openttd-1.10.3/src/townname.cpp:995:10: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
buf = strecpy(buf, _name_catalan_river1[SeedModChance(4, lengthof(_name_catalan_river1), seed)], last);
data/openttd-1.10.3/src/townname.cpp:1068:9: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
return strecpy(buf, buffer, last);
data/openttd-1.10.3/src/vehicle_cmd.cpp:780:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf, src->name, lastof(buf));
data/openttd-1.10.3/src/vehicle_cmd.cpp:786:3: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(buf, src->name, lastof(buf));
data/openttd-1.10.3/src/video/dedicated_v.cpp:231:2: [4] (buffer) strecpy:
This function does not protect against buffer overflows (CWE-120). Ensure
the destination has 4 times the size of the source, to leave room for
expansion.
strecpy(input_line, _win_console_thread_buffer, lastof(input_line));
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdmath.cpp:34:2: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand((unsigned int)i);
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdmath.cpp:86:13: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
_DECL_FUNC(srand,2,".n"),
data/openttd-1.10.3/src/core/random_func.cpp:75:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
DEBUG(random, 0, "%08x; %02x; %04x; %02x; %s:%d", _date, _date_fract, _frame_counter, (byte)_current_company, file, line);
data/openttd-1.10.3/src/core/random_func.hpp:34:13: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Randomizer random;
data/openttd-1.10.3/src/core/random_func.hpp:54:20: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
_random = storage.random;
data/openttd-1.10.3/src/debug.cpp:73:14: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
DEBUG_LEVEL(random),
data/openttd-1.10.3/src/fileio.cpp:1088:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *homedir = getenv("HOME");
data/openttd-1.10.3/src/industry.h:73:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
uint16 random; ///< Random value used for randomisation of all kinds of things
data/openttd-1.10.3/src/industry_map.h:278:87: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
static inline void MakeIndustry(TileIndex t, IndustryID index, IndustryGfx gfx, uint8 random, WaterClass wc)
data/openttd-1.10.3/src/industry_map.h:283:27: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
SetIndustryRandomBits(t, random); // m3
data/openttd-1.10.3/src/newgrf_house.cpp:560:74: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (hs->building_flags & BUILDING_HAS_1_TILE) AnimationControl(tile, random);
data/openttd-1.10.3/src/newgrf_house.cpp:561:92: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (hs->building_flags & BUILDING_2_TILES_Y) AnimationControl(TILE_ADDXY(tile, 0, 1), random);
data/openttd-1.10.3/src/newgrf_house.cpp:562:92: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (hs->building_flags & BUILDING_2_TILES_X) AnimationControl(TILE_ADDXY(tile, 1, 0), random);
data/openttd-1.10.3/src/newgrf_house.cpp:563:92: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (hs->building_flags & BUILDING_HAS_4_TILES) AnimationControl(TILE_ADDXY(tile, 1, 1), random);
data/openttd-1.10.3/src/newgrf_house.cpp:642:98: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void DoWatchedCargoCallback(TileIndex tile, TileIndex origin, CargoTypes trigger_cargoes, uint16 random)
data/openttd-1.10.3/src/newgrf_house.cpp:645:19: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
uint32 cb_info = random << 16 | (uint8)diff.y << 8 | (uint8)diff.x;
data/openttd-1.10.3/src/newgrf_industries.cpp:410:53: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return this->industry != nullptr ? this->industry->random : 0;
data/openttd-1.10.3/src/newgrf_industrytiles.cpp:276:90: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
bool StartStopIndustryTileAnimation(TileIndex tile, IndustryAnimationTrigger iat, uint32 random)
data/openttd-1.10.3/src/newgrf_industrytiles.cpp:282:117: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
IndustryAnimationBase::ChangeAnimationFrame(CBID_INDTILE_ANIM_START_STOP, itspec, Industry::GetByTile(tile), tile, random, iat);
data/openttd-1.10.3/src/newgrf_industrytiles.cpp:292:50: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (StartStopIndustryTileAnimation(tile, iat, random)) {
data/openttd-1.10.3/src/newgrf_industrytiles.cpp:293:8: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
SB(random, 0, 16, Random());
data/openttd-1.10.3/src/newgrf_industrytiles.cpp:350:7: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ind->random &= reseed;
data/openttd-1.10.3/src/newgrf_industrytiles.cpp:351:7: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ind->random |= random_bits & reseed;
data/openttd-1.10.3/src/object_map.h:74:89: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
static inline void MakeObject(TileIndex t, Owner o, ObjectID index, WaterClass wc, byte random)
data/openttd-1.10.3/src/object_map.h:80:13: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
_m[t].m3 = random;
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:493:20: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
HMODULE dbghelp = LoadLibrary(_T("dbghelp.dll"));
data/openttd-1.10.3/src/os/windows/win32.cpp:60:9: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
lib = LoadLibrary(MB_TO_WIDE(dll));
data/openttd-1.10.3/src/saveload/industry_sl.cpp:71:24: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
SLE_CONDVAR(Industry, random, SLE_UINT16, SLV_82, SL_MAX_VERSION),
data/openttd-1.10.3/src/strings.cpp:1848:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("LANGUAGE");
data/openttd-1.10.3/src/strings.cpp:1851:8: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv("LC_ALL");
data/openttd-1.10.3/src/strings.cpp:1855:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
env = getenv(param);
data/openttd-1.10.3/src/strings.cpp:1859:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
return getenv("LANG");
data/openttd-1.10.3/src/town_cmd.cpp:1811:7: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (random) return CMD_ERROR;
data/openttd-1.10.3/src/town_cmd.cpp:1815:48: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
} else if (_current_company == OWNER_DEITY && random) {
data/openttd-1.10.3/src/town_cmd.cpp:1832:7: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!random) {
data/openttd-1.10.3/src/town_cmd.cpp:1856:7: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (random) {
data/openttd-1.10.3/src/town_cmd.cpp:1877:12: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
assert(!random);
data/openttd-1.10.3/src/town_gui.cpp:1155:52: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
void ExecuteFoundTownCommand(TileIndex tile, bool random, StringID errstr, CommandCallback cc)
data/openttd-1.10.3/src/town_gui.cpp:1168:96: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
bool success = DoCommandP(tile, this->town_size | this->city << 2 | this->town_layout << 3 | random << 6,
data/openttd-1.10.3/src/town_map.h:262:57: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
static inline void SetHouseRandomBits(TileIndex t, byte random)
data/openttd-1.10.3/src/town_map.h:265:13: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
_m[t].m1 = random;
data/openttd-1.10.3/src/3rdparty/md5/md5.cpp:284:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->buf + offset, p, copy);
data/openttd-1.10.3/src/3rdparty/md5/md5.cpp:297:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (left) memcpy(this->buf, p, left);
data/openttd-1.10.3/src/3rdparty/os2/getaddrinfo.c:50:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ret, info, sizeof (struct addrinfo));
data/openttd-1.10.3/src/3rdparty/os2/getaddrinfo.c:56:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ret->ai_addr, addr, addrlen);
data/openttd-1.10.3/src/3rdparty/os2/getaddrinfo.c:210:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&((struct sockaddr_in *) &sa)->sin_addr,
data/openttd-1.10.3/src/3rdparty/os2/getaddrinfo.c:220:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&((struct sockaddr_in6 *) &sa)->sin6_addr,
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:111:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numserv[512];
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:294:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char numaddr[512];
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:305:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zonebuf[SQUIDHOSTNAMELEN];
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:317:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(host + numaddrlen + 1, zonebuf,
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdstring.cpp:7:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
#define scatoi atoi
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdstring.cpp:29:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
width = atoi(swidth);
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdstring.cpp:46:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
width += atoi(swidth);
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdstring.cpp:51:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&fmt[1],&src[start],((n-start)+1)*sizeof(SQChar));
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdstring.cpp:208:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stemp,str,memsize);
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqapi.cpp:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqdebug.cpp:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NUMBER_MAX_CHAR+1];
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqfuncstate.cpp:541:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(f->_instructions,&_instructions[0],(size_t)_instructions.size()*sizeof(SQInstruction));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqlexer.cpp:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqstate.cpp:537:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_val,news,(size_t)len);
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqvm.cpp:265:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqvm.cpp:305:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, _stringval(a), (size_t)l);
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqvm.cpp:306:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s + l, _stringval(b), (size_t)ol);
data/openttd-1.10.3/src/ai/ai_gui.cpp:539:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int32 value = atoi(str);
data/openttd-1.10.3/src/ai/ai_gui.cpp:1014:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char break_string[MAX_BREAK_STR_STRING_LENGTH]; ///< The string to match to the AI output
data/openttd-1.10.3/src/ai/ai_info.cpp:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8];
data/openttd-1.10.3/src/ai/ai_scanner.cpp:100:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ai_name[1024];
data/openttd-1.10.3/src/ai/ai_scanner.cpp:116:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
versionParam = atoi(e);
data/openttd-1.10.3/src/ai/ai_scanner.cpp:122:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ai_name_tmp[1024];
data/openttd-1.10.3/src/ai/ai_scanner.cpp:162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char library_name[1024];
data/openttd-1.10.3/src/base_media_base.h:299:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songname[32]; ///< name of song displayed in UI
data/openttd-1.10.3/src/base_media_func.h:63:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
this->version = atoi(item->value);
data/openttd-1.10.3/src/blitter/32bpp_anim.cpp:381:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(static_cast<void *>(dst), usrc, width * sizeof(uint32));
data/openttd-1.10.3/src/blitter/32bpp_anim.cpp:385:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(anim_line, usrc, width * sizeof(uint16));
data/openttd-1.10.3/src/blitter/32bpp_anim.cpp:420:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(udst, src, width * sizeof(uint32));
data/openttd-1.10.3/src/blitter/32bpp_anim.cpp:424:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(udst, anim_line, width * sizeof(uint16));
data/openttd-1.10.3/src/blitter/32bpp_anim.cpp:451:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, tw * sizeof(uint16));
data/openttd-1.10.3/src/blitter/32bpp_base.cpp:54:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, usrc, width * sizeof(uint32));
data/openttd-1.10.3/src/blitter/32bpp_base.cpp:66:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(udst, src, width * sizeof(uint32));
data/openttd-1.10.3/src/blitter/32bpp_base.cpp:78:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(udst, src, width * sizeof(uint32));
data/openttd-1.10.3/src/blitter/32bpp_base.cpp:110:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, width * sizeof(uint32));
data/openttd-1.10.3/src/blitter/32bpp_optimized.cpp:391:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->data + dst->offset[z][0], dst_px_orig[z], lengths[z][0]);
data/openttd-1.10.3/src/blitter/32bpp_optimized.cpp:392:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst->data + dst->offset[z][1], dst_n_orig[z], lengths[z][1]);
data/openttd-1.10.3/src/blitter/32bpp_sse2.cpp:59:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst_sprite->data, &sd, sizeof(SpriteData));
data/openttd-1.10.3/src/blitter/32bpp_sse2.cpp:136:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst_sprite->data, &sd, sizeof(SpriteData));
data/openttd-1.10.3/src/blitter/8bpp_base.cpp:58:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, usrc, width * sizeof(uint8));
data/openttd-1.10.3/src/blitter/8bpp_base.cpp:70:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(udst, src, width * sizeof(uint8));
data/openttd-1.10.3/src/blitter/8bpp_base.cpp:82:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(udst, src, width * sizeof(uint8));
data/openttd-1.10.3/src/blitter/8bpp_base.cpp:114:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, width * sizeof(uint8));
data/openttd-1.10.3/src/blitter/8bpp_optimized.cpp:227:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest_sprite->data, temp_dst, size);
data/openttd-1.10.3/src/build_vehicle_gui.cpp:139:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char last_name[2][64] = { "", "" };
data/openttd-1.10.3/src/cargotype.cpp:140:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char a_name[64];
data/openttd-1.10.3/src/cargotype.cpp:141:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char b_name[64];
data/openttd-1.10.3/src/cheat_gui.cpp:254:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/openttd-1.10.3/src/cheat_gui.cpp:398:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int value = atoi(str);
data/openttd-1.10.3/src/command_type.h:483:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[32 * MAX_CHAR_LENGTH]; ///< possible text sent for name changes etc, in bytes including '\0'.
data/openttd-1.10.3/src/company_cmd.cpp:347:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[(MAX_LENGTH_COMPANY_NAME_CHARS + 1) * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/company_cmd.cpp:489:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[(MAX_LENGTH_PRESIDENT_NAME_CHARS + 1) * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/company_cmd.cpp:497:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer2[(MAX_LENGTH_PRESIDENT_NAME_CHARS + 1) * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/company_cmd.cpp:1123:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[80];
data/openttd-1.10.3/src/company_gui.cpp:649:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_name[2][64] = { "", "" };
data/openttd-1.10.3/src/console.cpp:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ICON_MAX_STREAMSIZE];
data/openttd-1.10.3/src/console.cpp:320:76: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void IConsoleAliasExec(const IConsoleAlias *alias, byte tokencount, char *tokens[ICON_TOKEN_COUNT], const uint recurse_count)
data/openttd-1.10.3/src/console.cpp:322:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char alias_buffer[ICON_MAX_STREAMSIZE] = { '\0' };
data/openttd-1.10.3/src/console.cpp:410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *tokens[ICON_TOKEN_COUNT], tokenstream[ICON_MAX_STREAMSIZE];
data/openttd-1.10.3/src/console_cmds.cpp:478:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ClientID client_id = (ClientID)atoi(argv);
data/openttd-1.10.3/src/console_cmds.cpp:581:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
index = atoi(argv[1]) - 1U; // let it wrap
data/openttd-1.10.3/src/console_cmds.cpp:585:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[64];
data/openttd-1.10.3/src/console_cmds.cpp:705:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ClientID client_id = (ClientID)atoi(argv[1]);
data/openttd-1.10.3/src/console_cmds.cpp:732:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID company_id = (CompanyID)(atoi(argv[1]) <= MAX_COMPANIES ? atoi(argv[1]) - 1 : atoi(argv[1]));
data/openttd-1.10.3/src/console_cmds.cpp:732:70: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID company_id = (CompanyID)(atoi(argv[1]) <= MAX_COMPANIES ? atoi(argv[1]) - 1 : atoi(argv[1]));
data/openttd-1.10.3/src/console_cmds.cpp:732:90: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID company_id = (CompanyID)(atoi(argv[1]) <= MAX_COMPANIES ? atoi(argv[1]) - 1 : atoi(argv[1]));
data/openttd-1.10.3/src/console_cmds.cpp:779:75: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
const NetworkClientInfo *ci = NetworkClientInfo::GetByClientID((ClientID)atoi(argv[1]));
data/openttd-1.10.3/src/console_cmds.cpp:780:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID company_id = (CompanyID)(atoi(argv[2]) <= MAX_COMPANIES ? atoi(argv[2]) - 1 : atoi(argv[2]));
data/openttd-1.10.3/src/console_cmds.cpp:780:70: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID company_id = (CompanyID)(atoi(argv[2]) <= MAX_COMPANIES ? atoi(argv[2]) - 1 : atoi(argv[2]));
data/openttd-1.10.3/src/console_cmds.cpp:780:90: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID company_id = (CompanyID)(atoi(argv[2]) <= MAX_COMPANIES ? atoi(argv[2]) - 1 : atoi(argv[2]));
data/openttd-1.10.3/src/console_cmds.cpp:824:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID index = (CompanyID)(atoi(argv[1]) - 1);
data/openttd-1.10.3/src/console_cmds.cpp:875:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID playas = (argc >= 2) ? (CompanyID)atoi(argv[1]) : COMPANY_SPECTATOR;
data/openttd-1.10.3/src/console_cmds.cpp:921:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
join_as = (CompanyID)atoi(company);
data/openttd-1.10.3/src/console_cmds.cpp:932:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rport = atoi(port);
data/openttd-1.10.3/src/console_cmds.cpp:957:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (argc == 2 || atoi(argv[2]) != 0) IConsoleError("script file not found");
data/openttd-1.10.3/src/console_cmds.cpp:963:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cmdline[ICON_CMDLN_SIZE];
data/openttd-1.10.3/src/console_cmds.cpp:1014:27: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
_iconsole_output_file = fopen(argv[1], "ab");
data/openttd-1.10.3/src/console_cmds.cpp:1042:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
IConsolePrint((TextColour)Clamp(atoi(argv[1]), TC_BEGIN, TC_END - 1), argv[2]);
data/openttd-1.10.3/src/console_cmds.cpp:1096:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/openttd-1.10.3/src/console_cmds.cpp:1106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/openttd-1.10.3/src/console_cmds.cpp:1116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/openttd-1.10.3/src/console_cmds.cpp:1126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/openttd-1.10.3/src/console_cmds.cpp:1209:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID company_id = (CompanyID)(atoi(argv[1]) - 1);
data/openttd-1.10.3/src/console_cmds.cpp:1246:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID company_id = (CompanyID)(atoi(argv[1]) - 1);
data/openttd-1.10.3/src/console_cmds.cpp:1566:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company_name[512];
data/openttd-1.10.3/src/console_cmds.cpp:1577:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char colour[512];
data/openttd-1.10.3/src/console_cmds.cpp:1621:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CompanyID company_id = (CompanyID)(atoi(argv[1]) - 1);
data/openttd-1.10.3/src/console_cmds.cpp:1648:70: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
NetworkClientSendChat(NETWORK_ACTION_CHAT_CLIENT, DESTTYPE_CLIENT, atoi(argv[1]), argv[2]);
data/openttd-1.10.3/src/console_cmds.cpp:1651:70: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
NetworkServerSendChat(NETWORK_ACTION_CHAT_CLIENT, DESTTYPE_CLIENT, atoi(argv[1]), argv[2], CLIENT_ID_SERVER, from_admin);
data/openttd-1.10.3/src/console_cmds.cpp:1684:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
company_id = (CompanyID)(atoi(argv[1]) - 1);
data/openttd-1.10.3/src/console_cmds.cpp:1750:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(ci->md5sum) * 2 + 1];
data/openttd-1.10.3/src/console_cmds.cpp:1795:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_network_content_client.Select((ContentID)atoi(argv[2]));
data/openttd-1.10.3/src/console_cmds.cpp:1808:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_network_content_client.Unselect((ContentID)atoi(argv[2]));
data/openttd-1.10.3/src/console_cmds.cpp:1943:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int grfnum = atoi(argv[argnum]);
data/openttd-1.10.3/src/console_cmds.cpp:1965:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int grfnum = atoi(argv[argnum]);
data/openttd-1.10.3/src/console_cmds.cpp:1987:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char grfidstr[12]{ 0 };
data/openttd-1.10.3/src/console_cmds.cpp:1995:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int days = max(atoi(argv[2]), 1);
data/openttd-1.10.3/src/console_cmds.cpp:1998:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char datestrbuf[32]{ 0 };
data/openttd-1.10.3/src/console_gui.cpp:131:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *_iconsole_history[ICON_HISTORY_SIZE];
data/openttd-1.10.3/src/core/mem_func.hpp:25:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(destination, source, num * sizeof(T));
data/openttd-1.10.3/src/crashlog.cpp:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4 * 3 + 3 + 1];
data/openttd-1.10.3/src/crashlog.cpp:446:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_PATH];
data/openttd-1.10.3/src/crashlog.cpp:447:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536];
data/openttd-1.10.3/src/currency.h:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char separator[8];
data/openttd-1.10.3/src/currency.h:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[16];
data/openttd-1.10.3/src/currency.h:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char suffix[16];
data/openttd-1.10.3/src/debug.cpp:111:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[1024 + 32];
data/openttd-1.10.3/src/debug.cpp:134:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/openttd-1.10.3/src/debug.cpp:137:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR system_buf[512];
data/openttd-1.10.3/src/debug.cpp:156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/debug.cpp:229:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dbgstr[150];
data/openttd-1.10.3/src/debug.cpp:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbgval[20];
data/openttd-1.10.3/src/debug.cpp:251:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _log_prefix[24];
data/openttd-1.10.3/src/dedicated.cpp:41:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
_log_fd = fopen(_log_file, "a");
data/openttd-1.10.3/src/depend/depend.cpp:121:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
return (char *) memcpy(n, s, len);
data/openttd-1.10.3/src/depend/depend.cpp:180:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->fp = fopen(filename, "r");
data/openttd-1.10.3/src/depend/depend.cpp:531:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/openttd-1.10.3/src/depend/depend.cpp:549:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/openttd-1.10.3/src/depend/depend.cpp:646:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open) lexer->Lex();
data/openttd-1.10.3/src/depend/depend.cpp:647:31: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (verbose) fprintf(stderr, open ? "(" : " ");
data/openttd-1.10.3/src/depend/depend.cpp:652:6: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (open) {
data/openttd-1.10.3/src/depend/depend.cpp:763:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[PATH_MAX];
data/openttd-1.10.3/src/depend/depend.cpp:992:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char backup[PATH_MAX];
data/openttd-1.10.3/src/depend/depend.cpp:1001:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *src = fopen(filename, "rb");
data/openttd-1.10.3/src/depend/depend.cpp:1017:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *dst = fopen(filename, "w");
data/openttd-1.10.3/src/depend/depend.cpp:1021:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
src = fopen(backup, "wb");
data/openttd-1.10.3/src/depend/depend.cpp:1029:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
src = fopen(backup, "r");
data/openttd-1.10.3/src/depot_gui.cpp:878:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char details[1024];
data/openttd-1.10.3/src/driver.cpp:76:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return p != nullptr ? atoi(p) : def;
data/openttd-1.10.3/src/driver.cpp:135:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/openttd-1.10.3/src/driver.cpp:136:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *parms[32];
data/openttd-1.10.3/src/driver.cpp:220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/openttd-1.10.3/src/driver.cpp:236:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/openttd-1.10.3/src/error.h:32:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *strings[20]; ///< Copies of raw strings that were used.
data/openttd-1.10.3/src/error_gui.cpp:387:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/fileio.cpp:47:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *filenames[MAX_FILE_SLOTS]; ///< array of filenames we (should) have open
data/openttd-1.10.3/src/fileio.cpp:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *shortnames[MAX_FILE_SLOTS]; ///< array of short names for spriteloader's use
data/openttd-1.10.3/src/fileio.cpp:298:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *_searchpaths[NUM_SEARCHPATHS];
data/openttd-1.10.3/src/fileio.cpp:406:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t Lmode[5];
data/openttd-1.10.3/src/fileio.cpp:407:2: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, mode, -1, Lmode, lengthof(Lmode));
data/openttd-1.10.3/src/fileio.cpp:410:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_PATH];
data/openttd-1.10.3/src/fileio.cpp:422:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(buf, mode);
data/openttd-1.10.3/src/fileio.cpp:425:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(buf, mode);
data/openttd-1.10.3/src/fileio.cpp:446:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(entry->tar_filename, "rb");
data/openttd-1.10.3/src/fileio.cpp:479:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resolved_name[MAX_RESOLVED_LENGTH];
data/openttd-1.10.3/src/fileio.cpp:515:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resolved_name2[MAX_RESOLVED_LENGTH];
data/openttd-1.10.3/src/fileio.cpp:558:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[MAX_PATH];
data/openttd-1.10.3/src/fileio.cpp:700:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100]; ///< Name of the file
data/openttd-1.10.3/src/fileio.cpp:701:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mode[8];
data/openttd-1.10.3/src/fileio.cpp:702:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uid[8];
data/openttd-1.10.3/src/fileio.cpp:703:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gid[8];
data/openttd-1.10.3/src/fileio.cpp:704:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char size[12]; ///< Size of the file, in ASCII
data/openttd-1.10.3/src/fileio.cpp:705:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mtime[12];
data/openttd-1.10.3/src/fileio.cpp:706:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chksum[8];
data/openttd-1.10.3/src/fileio.cpp:708:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linkname[100];
data/openttd-1.10.3/src/fileio.cpp:709:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[6];
data/openttd-1.10.3/src/fileio.cpp:710:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[2];
data/openttd-1.10.3/src/fileio.cpp:711:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uname[32];
data/openttd-1.10.3/src/fileio.cpp:712:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char gname[32];
data/openttd-1.10.3/src/fileio.cpp:713:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devmajor[8];
data/openttd-1.10.3/src/fileio.cpp:714:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char devminor[8];
data/openttd-1.10.3/src/fileio.cpp:715:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[155]; ///< Path of the file
data/openttd-1.10.3/src/fileio.cpp:717:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused[12];
data/openttd-1.10.3/src/fileio.cpp:724:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(filename, "rb");
data/openttd-1.10.3/src/fileio.cpp:738:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(th.name) + 1], *end;
data/openttd-1.10.3/src/fileio.cpp:739:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[sizeof(th.prefix) + 1 + sizeof(th.name) + 1];
data/openttd-1.10.3/src/fileio.cpp:740:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char link[sizeof(th.linkname) + 1];
data/openttd-1.10.3/src/fileio.cpp:741:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dest[sizeof(th.prefix) + 1 + sizeof(th.name) + 1 + 1 + sizeof(th.linkname) + 1];
data/openttd-1.10.3/src/fileio.cpp:745:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char empty[512];
data/openttd-1.10.3/src/fileio.cpp:937:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_PATH];
data/openttd-1.10.3/src/fileio.cpp:964:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen(filename, "wb");
data/openttd-1.10.3/src/fileio.cpp:972:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/openttd-1.10.3/src/fileio.cpp:1011:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_PATH];
data/openttd-1.10.3/src/fileio.cpp:1054:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_PATH];
data/openttd-1.10.3/src/fileio.cpp:1066:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_PATH];
data/openttd-1.10.3/src/fileio.cpp:1170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_home[MAX_PATH];
data/openttd-1.10.3/src/fileio.cpp:1196:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char personal_dir[MAX_PATH];
data/openttd-1.10.3/src/fileio.cpp:1306:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(filename, "rb");
data/openttd-1.10.3/src/fileio.cpp:1365:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_PATH];
data/openttd-1.10.3/src/fileio.cpp:1418:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH];
data/openttd-1.10.3/src/fileio.cpp:1460:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH];
data/openttd-1.10.3/src/fileio_func.h:34:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char *_searchpaths[NUM_SEARCHPATHS];
data/openttd-1.10.3/src/fios.cpp:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char long_file[MAX_PATH];
data/openttd-1.10.3/src/fios.cpp:241:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ext[5];
data/openttd-1.10.3/src/fios.cpp:255:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[512];
data/openttd-1.10.3/src/fios.cpp:295:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fios_title[64];
data/openttd-1.10.3/src/fios.cpp:364:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[sizeof(fios->name)];
data/openttd-1.10.3/src/fios.cpp:434:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_PATH];
data/openttd-1.10.3/src/fios.cpp:562:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base_path[MAX_PATH];
data/openttd-1.10.3/src/fios.cpp:596:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_PATH];
data/openttd-1.10.3/src/fios.cpp:632:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base_path[MAX_PATH];
data/openttd-1.10.3/src/fios.cpp:659:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_PATH]; ///< filename of the file.
data/openttd-1.10.3/src/fios.cpp:707:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[MAX_PATH]; ///< \a filename without the extension.
data/openttd-1.10.3/src/fios.h:106:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[64];
data/openttd-1.10.3/src/fios.h:107:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_PATH];
data/openttd-1.10.3/src/fontcache.cpp:974:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR fontPath[MAX_PATH];
data/openttd-1.10.3/src/fontcache.cpp:1000:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR fname[_MAX_FNAME];
data/openttd-1.10.3/src/fontcache.h:216:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char font[MAX_PATH]; ///< The name of the font, or path to the font.
data/openttd-1.10.3/src/fontdetection.cpp:53:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char short_path[MAX_PATH];
data/openttd-1.10.3/src/fontdetection.cpp:80:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR vbuffer[MAX_PATH], dbuffer[256];
data/openttd-1.10.3/src/fontdetection.cpp:178:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char font_name[MAX_PATH];
data/openttd-1.10.3/src/fontdetection.cpp:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char font_name[MAX_PATH];
data/openttd-1.10.3/src/fontdetection.cpp:460:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[16];
data/openttd-1.10.3/src/fontdetection.cpp:505:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/openttd-1.10.3/src/fontdetection.cpp:532:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/openttd-1.10.3/src/fontdetection.cpp:656:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[16];
data/openttd-1.10.3/src/framerate_gui.cpp:1025:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *MEASUREMENT_NAMES[PFE_MAX] = {
data/openttd-1.10.3/src/framerate_gui.cpp:1041:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ai_name_buf[128];
data/openttd-1.10.3/src/game/game_scanner.cpp:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char game_name[1024];
data/openttd-1.10.3/src/game/game_scanner.cpp:55:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
versionParam = atoi(e);
data/openttd-1.10.3/src/game/game_scanner.cpp:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char game_name_tmp[1024];
data/openttd-1.10.3/src/game/game_scanner.cpp:101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char library_name[1024];
data/openttd-1.10.3/src/game/game_text.cpp:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/game/game_text.cpp:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/game/game_text.cpp:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/game/game_text.cpp:103:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2048];
data/openttd-1.10.3/src/game/game_text.cpp:252:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[512];
data/openttd-1.10.3/src/game/game_text.cpp:376:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[MAX_PATH];
data/openttd-1.10.3/src/gamelog.cpp:47:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char gamelog_revision[48] = { 0 };
data/openttd-1.10.3/src/gamelog.cpp:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char txt[40];
data/openttd-1.10.3/src/gamelog.cpp:194:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/openttd-1.10.3/src/gamelog_internal.h:44:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[GAMELOG_REVISION_LENGTH]; ///< revision string, _openttd_revision
data/openttd-1.10.3/src/genworld.cpp:211:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_PATH];
data/openttd-1.10.3/src/genworld_gui.cpp:313:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64];
data/openttd-1.10.3/src/genworld_gui.cpp:766:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi(str);
data/openttd-1.10.3/src/genworld_gui.cpp:1039:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int32 value = atoi(str);
data/openttd-1.10.3/src/gfx.cpp:674:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/gfx.cpp:699:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/gfx.cpp:712:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/gfx.cpp:823:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/gfx.cpp:852:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/gfxinit.cpp:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_msg[MISSING_FILE_MESSAGE_LENGTH * (GraphicsSet::NUM_FILES + SoundsSet::NUM_FILES) + 2 * ERROR_MESSAGE_LENGTH];
data/openttd-1.10.3/src/group_gui.cpp:168:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_name[2][64] = { "", "" };
data/openttd-1.10.3/src/highscore.cpp:126:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(_highscore_file, "wb");
data/openttd-1.10.3/src/highscore.cpp:154:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(_highscore_file, "rb");
data/openttd-1.10.3/src/highscore.h:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company[(MAX_LENGTH_COMPANY_NAME_CHARS + MAX_LENGTH_PRESIDENT_NAME_CHARS + 5) * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/hotkeys.cpp:166:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[32];
data/openttd-1.10.3/src/hotkeys.cpp:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[2];
data/openttd-1.10.3/src/hotkeys.cpp:220:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[128];
data/openttd-1.10.3/src/industry_cmd.cpp:86:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_industry_tile_specs, &_origin_industry_tile_specs, sizeof(_origin_industry_tile_specs));
data/openttd-1.10.3/src/industry_cmd.cpp:2316:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/openttd-1.10.3/src/industry_gui.cpp:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[512]; ///< Cargo suffix text.
data/openttd-1.10.3/src/industry_gui.cpp:189:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char industry_name[2][64];
data/openttd-1.10.3/src/industry_gui.cpp:355:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/industry_gui.cpp:1063:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint value = atoi(str);
data/openttd-1.10.3/src/ini.cpp:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_new[MAX_PATH];
data/openttd-1.10.3/src/ini.cpp:52:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(file_new, "w");
data/openttd-1.10.3/src/ini.cpp:92:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR tfilename[MAX_PATH + 1], tfile_new[MAX_PATH + 1];
data/openttd-1.10.3/src/ini_load.cpp:214:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/openttd-1.10.3/src/ini_load.cpp:251:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(comment + pos, s, e - s); // copy comment contents
data/openttd-1.10.3/src/language.h:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32]; ///< the international name of this language
data/openttd-1.10.3/src/language.h:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char own_name[32]; ///< the localized name of this language
data/openttd-1.10.3/src/language.h:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char isocode[16]; ///< the ISO code for the language (not country code)
data/openttd-1.10.3/src/language.h:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digit_group_separator[8];
data/openttd-1.10.3/src/language.h:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digit_group_separator_currency[8];
data/openttd-1.10.3/src/language.h:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digit_decimal_separator[8];
data/openttd-1.10.3/src/language.h:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char genders[MAX_NUM_GENDERS][CASE_GENDER_LEN]; ///< the genders used by this translation
data/openttd-1.10.3/src/language.h:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cases[MAX_NUM_CASES][CASE_GENDER_LEN]; ///< the cases used by this translation
data/openttd-1.10.3/src/language.h:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[MAX_PATH]; ///< Name of the file we read this data from.
data/openttd-1.10.3/src/main_gui.cpp:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[64];
data/openttd-1.10.3/src/main_gui.cpp:74:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Money money = min(c->money - c->current_loan, (Money)(atoi(str) / _currency->rate));
data/openttd-1.10.3/src/map.cpp:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/openttd-1.10.3/src/misc/blob.hpp:224:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Append(num_bytes), p, num_bytes);
data/openttd-1.10.3/src/misc/blob.hpp:232:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Append(src.Length()), src.Begin(), src.Length());
data/openttd-1.10.3/src/misc/blob.hpp:274:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp + 1, data, tmp->items);
data/openttd-1.10.3/src/misc_gui.cpp:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char landinfo_data[LAND_INFO_LINE_END][LAND_INFO_LINE_BUFF_SIZE];
data/openttd-1.10.3/src/misc_gui.cpp:217:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[16];
data/openttd-1.10.3/src/misc_gui.cpp:686:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (paramcount > 0) memcpy(this->params, params, sizeof(this->params[0]) * paramcount);
data/openttd-1.10.3/src/music.cpp:141:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
this->songinfo[i].cat_index = atoi(item->value);
data/openttd-1.10.3/src/music.cpp:188:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
this->songinfo[i].override_start = atoi(item->value);
data/openttd-1.10.3/src/music.cpp:189:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
this->songinfo[i].override_end = atoi(endpos + 1);
data/openttd-1.10.3/src/music/dmusic.cpp:868:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR dls_path[MAX_PATH];
data/openttd-1.10.3/src/music/dmusic.cpp:871:6: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR expand_path[MAX_PATH * 2];
data/openttd-1.10.3/src/music/dmusic.cpp:881:5: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR path[MAX_PATH];
data/openttd-1.10.3/src/music/dmusic.cpp:1100:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[DMUS_MAX_DESCRIPTION];
data/openttd-1.10.3/src/music/extmidi.cpp:122:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int d = open("/dev/null", O_RDONLY);
data/openttd-1.10.3/src/music/extmidi.h:18:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char song[MAX_PATH];
data/openttd-1.10.3/src/music/midifile.cpp:153:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, this->buf + this->pos, length);
data/openttd-1.10.3/src/music/midifile.cpp:1051:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_PATH];
data/openttd-1.10.3/src/music/midifile.cpp:1063:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char basename[MAX_PATH];
data/openttd-1.10.3/src/music/midifile.cpp:1080:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempdirname[MAX_PATH];
data/openttd-1.10.3/src/music/midifile.cpp:1085:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char output_filename[MAX_PATH];
data/openttd-1.10.3/src/music/midifile.cpp:1129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fnbuf[MAX_PATH] = { 0 };
data/openttd-1.10.3/src/music/os2_m.cpp:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/openttd-1.10.3/src/music/os2_m.cpp:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16];
data/openttd-1.10.3/src/music/qtmidi.cpp:91:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/openttd-1.10.3/src/music/qtmidi.cpp:108:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(path, O_RDONLY, 0);
data/openttd-1.10.3/src/music/win32_m.cpp:380:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tryportname[128];
data/openttd-1.10.3/src/network/core/address.cpp:103:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[NETWORK_HOSTNAME_LENGTH + 6 + 7];
data/openttd-1.10.3/src/network/core/address.cpp:168:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int tmp_cidr = atoi(chr_cidr + 1);
data/openttd-1.10.3/src/network/core/address.cpp:228:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char port_name[6];
data/openttd-1.10.3/src/network/core/address.cpp:269:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&this->address, runp->ai_addr, runp->ai_addrlen);
data/openttd-1.10.3/src/network/core/address.cpp:291:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[NETWORK_HOSTNAME_LENGTH + 6 + 7];
data/openttd-1.10.3/src/network/core/address.cpp:336:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char address[NETWORK_HOSTNAME_LENGTH + 6 + 7];
data/openttd-1.10.3/src/network/core/address.h:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[NETWORK_HOSTNAME_LENGTH]; ///< The hostname
data/openttd-1.10.3/src/network/core/address.h:69:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&this->address, address, address_length);
data/openttd-1.10.3/src/network/core/game.h:25:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map_name[NETWORK_NAME_LENGTH]; ///< Map which is played ["random" for a randomized map]
data/openttd-1.10.3/src/network/core/game.h:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server_name[NETWORK_NAME_LENGTH]; ///< Server name
data/openttd-1.10.3/src/network/core/game.h:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostname[NETWORK_HOSTNAME_LENGTH]; ///< Hostname of the server (if any)
data/openttd-1.10.3/src/network/core/game.h:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server_revision[NETWORK_REVISION_LENGTH]; ///< The version number the server is using (e.g.: 'r304' or 0.5.0)
data/openttd-1.10.3/src/network/core/host.cpp:134:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&address, &ifo[j].iiAddress.Address, sizeof(sockaddr));
data/openttd-1.10.3/src/network/core/host.cpp:153:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4 * 1024]; // Arbitrary buffer size
data/openttd-1.10.3/src/network/core/tcp_admin.h:112:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char admin_name[NETWORK_CLIENT_NAME_LENGTH]; ///< Name of the admin.
data/openttd-1.10.3/src/network/core/tcp_admin.h:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char admin_version[NETWORK_REVISION_LENGTH]; ///< Version string of the admin.
data/openttd-1.10.3/src/network/core/tcp_content.cpp:47:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this, other, sizeof(ContentInfo));
data/openttd-1.10.3/src/network/core/tcp_content.h:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[48]; ///< Filename (for the .tar.gz; only valid on download)
data/openttd-1.10.3/src/network/core/tcp_content.h:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32]; ///< Name of the content
data/openttd-1.10.3/src/network/core/tcp_content.h:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[16]; ///< Version of the content
data/openttd-1.10.3/src/network/core/tcp_content.h:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[96]; ///< URL related to the content
data/openttd-1.10.3/src/network/core/tcp_content.h:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char description[512]; ///< Description of the content
data/openttd-1.10.3/src/network/core/tcp_content.h:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*tags)[32]; ///< Malloced array of tags (strings)
data/openttd-1.10.3/src/network/core/tcp_http.cpp:134:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int len = atoi(length);
data/openttd-1.10.3/src/network/core/tcp_http.cpp:211:55: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
NetworkAddress address(hname, port == nullptr ? 80 : atoi(port));
data/openttd-1.10.3/src/network/core/tcp_http.h:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char recv_buffer[4096]; ///< Partially received message.
data/openttd-1.10.3/src/network/network.cpp:186:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char salted_password[NETWORK_SERVER_ID_LENGTH];
data/openttd-1.10.3/src/network/network.cpp:197:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char hashed_password[NETWORK_SERVER_ID_LENGTH];
data/openttd-1.10.3/src/network/network.cpp:255:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[1024];
data/openttd-1.10.3/src/network/network.cpp:370:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/network/network.cpp:600:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[NETWORK_HOSTNAME_LENGTH];
data/openttd-1.10.3/src/network/network.cpp:609:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (port != nullptr) rport = atoi(port);
data/openttd-1.10.3/src/network/network.cpp:900:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[4096];
data/openttd-1.10.3/src/network/network.cpp:1015:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex_output[16 * 2 + 1];
data/openttd-1.10.3/src/network/network.cpp:1016:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char coding_string[NETWORK_NAME_LENGTH];
data/openttd-1.10.3/src/network/network.cpp:1114:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char githash_suffix[GITHASH_SUFFIX_LEN + 1] = "-";
data/openttd-1.10.3/src/network/network_admin.cpp:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[100];
data/openttd-1.10.3/src/network/network_admin.cpp:318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company_name[NETWORK_COMPANY_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_admin.cpp:319:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char manager_name[NETWORK_COMPANY_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_admin.cpp:354:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company_name[NETWORK_COMPANY_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_admin.cpp:355:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char manager_name[NETWORK_COMPANY_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_admin.cpp:516:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[NETWORK_RCONCOMMAND_LENGTH];
data/openttd-1.10.3/src/network/network_admin.cpp:532:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char json[NETWORK_GAMESCRIPT_JSON_LENGTH];
data/openttd-1.10.3/src/network/network_admin.cpp:666:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[NETWORK_PASSWORD_LENGTH];
data/openttd-1.10.3/src/network/network_admin.cpp:788:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[NETWORK_CHAT_LENGTH];
data/openttd-1.10.3/src/network/network_base.h:25:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_name[NETWORK_CLIENT_NAME_LENGTH]; ///< Name of the client
data/openttd-1.10.3/src/network/network_chat_gui.cpp:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[DRAW_STRING_BUFFER]; ///< The action message.
data/openttd-1.10.3/src/network/network_chat_gui.cpp:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/network/network_chat_gui.cpp:334:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char chat_tab_temp_buffer[64];
data/openttd-1.10.3/src/network/network_chat_gui.cpp:380:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _chat_tab_completion_buf[NETWORK_CHAT_LENGTH];
data/openttd-1.10.3/src/network/network_client.cpp:76:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->buf, pbuf, to_write);
data/openttd-1.10.3/src/network/network_client.cpp:89:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->buf, pbuf, to_write);
data/openttd-1.10.3/src/network/network_client.cpp:107:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(rbuf, this->buf, to_write);
data/openttd-1.10.3/src/network/network_client.cpp:310:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _password_server_id[NETWORK_SERVER_ID_LENGTH];
data/openttd-1.10.3/src/network/network_client.cpp:612:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NETWORK_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_client.cpp:692:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kick_msg[255];
data/openttd-1.10.3/src/network/network_client.cpp:724:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[sizeof(c.md5sum) * 2 + 1];
data/openttd-1.10.3/src/network/network_client.cpp:974:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NETWORK_NAME_LENGTH], msg[NETWORK_CHAT_LENGTH];
data/openttd-1.10.3/src/network/network_client.cpp:1113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rcon_out[NETWORK_RCONCOMMAND_LENGTH];
data/openttd-1.10.3/src/network/network_content.cpp:382:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[MAX_PATH];
data/openttd-1.10.3/src/network/network_content.cpp:400:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ftmp = fopen(GetFullFilename(ci, true), "rb");
data/openttd-1.10.3/src/network/network_content.cpp:406:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fout = fopen(GetFullFilename(ci, false), "wb");
data/openttd-1.10.3/src/network/network_content.cpp:502:47: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (filename == nullptr || (this->curFile = fopen(filename, "wb")) == nullptr) {
data/openttd-1.10.3/src/network/network_content.cpp:632:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
this->curInfo->id = (ContentID)atoi(str);
data/openttd-1.10.3/src/network/network_content.cpp:638:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
this->curInfo->type = (ContentType)atoi(str);
data/openttd-1.10.3/src/network/network_content.cpp:644:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
this->curInfo->filesize = atoi(str);
data/openttd-1.10.3/src/network/network_content.cpp:662:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_PATH];
data/openttd-1.10.3/src/network/network_content_gui.cpp:318:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char content_type_strs[CONTENT_TYPE_END][64]; ///< Cached strings for all content types.
data/openttd-1.10.3/src/network/network_content_gui.cpp:325:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char url[1024];
data/openttd-1.10.3/src/network/network_content_gui.cpp:728:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DRAW_STRING_BUFFER] = "";
data/openttd-1.10.3/src/network/network_content_gui.cpp:749:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DRAW_STRING_BUFFER] = "";
data/openttd-1.10.3/src/network/network_content_gui.cpp:763:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DRAW_STRING_BUFFER] = "";
data/openttd-1.10.3/src/network/network_content_gui.h:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[48]; ///< The current name of the downloaded file
data/openttd-1.10.3/src/network/network_gui.cpp:667:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char network_addr_buffer[NETWORK_HOSTNAME_LENGTH + 6 + 7];
data/openttd-1.10.3/src/network/network_gui.cpp:1252:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int32 value = atoi(str);
data/openttd-1.10.3/src/network/network_gui.h:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company_name[NETWORK_COMPANY_NAME_LENGTH]; ///< Company name
data/openttd-1.10.3/src/network/network_gui.h:36:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clients[NETWORK_CLIENTS_LENGTH]; ///< The clients that control this company (Name1, name2, ..)
data/openttd-1.10.3/src/network/network_server.cpp:178:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->current->buffer + this->current->size, buf, to_write);
data/openttd-1.10.3/src/network/network_server.cpp:270:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_name[NETWORK_CLIENT_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:364:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char clients[MAX_COMPANIES][NETWORK_CLIENTS_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:374:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_name[NETWORK_CLIENT_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:424:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[100];
data/openttd-1.10.3/src/network/network_server.cpp:436:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_name[NETWORK_CLIENT_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:894:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NETWORK_CLIENT_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:897:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_revision[NETWORK_REVISION_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:969:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[NETWORK_PASSWORD_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:994:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[NETWORK_PASSWORD_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1035:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_name[NETWORK_CLIENT_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[100];
data/openttd-1.10.3/src/network/network_server.cpp:1146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_name[NETWORK_CLIENT_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1178:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_name[NETWORK_CLIENT_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1334:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NETWORK_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1378:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[NETWORK_CHAT_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1407:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[NETWORK_PASSWORD_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1424:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_name[NETWORK_CLIENT_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1447:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pass[NETWORK_PASSWORD_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1448:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[NETWORK_RCONCOMMAND_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1480:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[NETWORK_PASSWORD_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1505:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company_name[NETWORK_COMPANY_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_server.cpp:1705:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char original_name[NETWORK_CLIENT_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_type.h:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char password[NETWORK_PASSWORD_LENGTH]; ///< The password for the company
data/openttd-1.10.3/src/network/network_udp.cpp:202:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company_name[NETWORK_COMPANY_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_udp.cpp:279:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NETWORK_GRF_NAME_LENGTH];
data/openttd-1.10.3/src/network/network_udp.cpp:416:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[NETWORK_GRF_NAME_LENGTH];
data/openttd-1.10.3/src/newgrf.cpp:382:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/newgrf.cpp:2701:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(_currency_specs[curidx].prefix, &tempfix, 4);
data/openttd-1.10.3/src/newgrf.cpp:2714:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_currency_specs[curidx].suffix, &tempfix, 4);
data/openttd-1.10.3/src/newgrf.cpp:3190:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tsp, &_industry_tile_specs[subs_id], sizeof(_industry_tile_specs[subs_id]));
data/openttd-1.10.3/src/newgrf.cpp:3855:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(as, AirportSpec::GetWithoutOverride(subs_id), sizeof(*as));
data/openttd-1.10.3/src/newgrf.cpp:3925:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tile_table[j], copy_from, sizeof(*copy_from) * size);
data/openttd-1.10.3/src/newgrf.cpp:4627:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tsp, AirportTileSpec::Get(subs_id), sizeof(AirportTileSpec));
data/openttd-1.10.3/src/newgrf.cpp:7773:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[256];
data/openttd-1.10.3/src/newgrf_airport.cpp:159:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&AirportSpec::specs, &_origin_airport_specs, sizeof(AirportSpec) * NEW_AIRPORT_OFFSET);
data/openttd-1.10.3/src/newgrf_airport.cpp:185:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(AirportSpec::GetWithoutOverride(airport_id), as, sizeof(*as));
data/openttd-1.10.3/src/newgrf_airporttiles.cpp:60:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&AirportTileSpec::tiles, &_origin_airporttile_specs, sizeof(_origin_airporttile_specs));
data/openttd-1.10.3/src/newgrf_airporttiles.cpp:75:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&AirportTileSpec::tiles[airpt_id], airpts, sizeof(*airpts));
data/openttd-1.10.3/src/newgrf_commons.cpp:294:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_industry_tile_specs[indt_id], its, sizeof(*its));
data/openttd-1.10.3/src/newgrf_commons.cpp:336:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_object_specs[type], spec, sizeof(*spec));
data/openttd-1.10.3/src/newgrf_commons.cpp:529:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/openttd-1.10.3/src/newgrf_config.cpp:564:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/openttd-1.10.3/src/newgrf_debug_gui.cpp:398:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/newgrf_debug_gui.cpp:518:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/openttd-1.10.3/src/newgrf_debug_gui.cpp:997:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
this->current_sprite = atoi(str);
data/openttd-1.10.3/src/newgrf_engine.cpp:51:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wo->train_id, train_id, trains * sizeof *train_id);
data/openttd-1.10.3/src/newgrf_gui.cpp:68:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[512];
data/openttd-1.10.3/src/newgrf_gui.cpp:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[256];
data/openttd-1.10.3/src/newgrf_gui.cpp:431:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int32 value = atoi(str);
data/openttd-1.10.3/src/newgrf_gui.cpp:2250:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/openttd-1.10.3/src/newgrf_profiling.cpp:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[16] = {};
data/openttd-1.10.3/src/newgrf_profiling.cpp:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filepath[MAX_PATH] = {};
data/openttd-1.10.3/src/newgrf_storage.h:109:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->prev_storage, this->storage, sizeof(this->storage));
data/openttd-1.10.3/src/newgrf_text.cpp:125:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->text, text_, len);
data/openttd-1.10.3/src/newgrf_text.cpp:242:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, this->strings[0], len);
data/openttd-1.10.3/src/newgrf_text.cpp:278:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, str, len);
data/openttd-1.10.3/src/newgrf_text.cpp:284:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, this->strings[0], len);
data/openttd-1.10.3/src/newgrf_text.cpp:319:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, str, len);
data/openttd-1.10.3/src/news_gui.cpp:1089:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512], buffer2[512];
data/openttd-1.10.3/src/news_type.h:149:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company_name[64]; ///< The name of the company
data/openttd-1.10.3/src/news_type.h:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char president_name[64]; ///< The name of the president
data/openttd-1.10.3/src/news_type.h:151:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char other_company_name[64]; ///< The name of the company taking over this one
data/openttd-1.10.3/src/openttd.cpp:96:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/openttd-1.10.3/src/openttd.cpp:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/openttd-1.10.3/src/openttd.cpp:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/openttd.cpp:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/openttd-1.10.3/src/openttd.cpp:233:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/openttd-1.10.3/src/openttd.cpp:247:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char md5sum[33];
data/openttd-1.10.3/src/openttd.cpp:472:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
join_as = (CompanyID)atoi(company);
data/openttd-1.10.3/src/openttd.cpp:482:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (port != nullptr) rport = atoi(port);
data/openttd-1.10.3/src/openttd.cpp:591:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (port != nullptr) scanner->dedicated_port = atoi(port);
data/openttd-1.10.3/src/openttd.cpp:608:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 't': scanner->startyear = atoi(mgo.opt); break;
data/openttd-1.10.3/src/openttd.cpp:647:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[80];
data/openttd-1.10.3/src/openttd.cpp:656:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/openttd-1.10.3/src/openttd.cpp:788:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (port != nullptr) rport = atoi(port);
data/openttd-1.10.3/src/openttd.cpp:1309:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, &v->cargo, sizeof(VehicleCargoList));
data/openttd-1.10.3/src/openttd.cpp:1324:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, &st->goods[c].cargo, sizeof(StationCargoList));
data/openttd-1.10.3/src/openttd.cpp:1414:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_PATH];
data/openttd-1.10.3/src/openttd.cpp:1456:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_PATH];
data/openttd-1.10.3/src/order_gui.cpp:1336:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint value = atoi(str);
data/openttd-1.10.3/src/os/macosx/crashlog_osx.cpp:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename_log[MAX_PATH]; ///< Path of crash.log
data/openttd-1.10.3/src/os/macosx/crashlog_osx.cpp:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename_save[MAX_PATH]; ///< Path of crash.sav
data/openttd-1.10.3/src/os/macosx/crashlog_osx.cpp:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename_screenshot[MAX_PATH]; ///< Path of crash.(png|bmp|pcx)
data/openttd-1.10.3/src/os/macosx/crashlog_osx.cpp:167:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536];
data/openttd-1.10.3/src/os/macosx/crashlog_osx.cpp:202:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[1024];
data/openttd-1.10.3/src/os/macosx/splash.cpp:135:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, width);
data/openttd-1.10.3/src/os/os2/os2.cpp:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char wd[MAX_PATH];
data/openttd-1.10.3/src/os/os2/os2.cpp:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_PATH];
data/openttd-1.10.3/src/os/unix/unix.cpp:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_PATH];
data/openttd-1.10.3/src/os/unix/unix.cpp:147:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/openttd-1.10.3/src/os/unix/unix.cpp:297:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *args[3];
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char crashlog[65536];
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char crashlog_filename[MAX_PATH];
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:59:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char crashdump_filename[MAX_PATH];
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char screenshot_filename[MAX_PATH];
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:185:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR buffer[MAX_PATH];
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:686:4: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR crash_msgW[lengthof(CrashLogWindows::current->crashlog)];
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:689:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dos_nl[lengthof(CrashLogWindows::current->crashlog)];
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:707:5: [2] (buffer) _tcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant string.
_tcscat(text, _T("\n"));
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:711:5: [2] (buffer) _tcscat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Risk is low because the source is a constant string.
_tcscat(text, _T("\n"));
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:726:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_PATH];
data/openttd-1.10.3/src/os/windows/win32.cpp:144:4: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR search_path[MAX_PATH];
data/openttd-1.10.3/src/os/windows/win32.cpp:207:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR drives[256];
data/openttd-1.10.3/src/os/windows/win32.cpp:248:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR root[4];
data/openttd-1.10.3/src/os/windows/win32.cpp:353:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char help_msg[8192];
data/openttd-1.10.3/src/os/windows/win32.cpp:369:4: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR help_msg_buf[8192];
data/openttd-1.10.3/src/os/windows/win32.cpp:403:4: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR help_msg_buf[8192];
data/openttd-1.10.3/src/os/windows/win32.cpp:413:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[64]; // max 64 command line arguments
data/openttd-1.10.3/src/os/windows/win32.cpp:448:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR path[MAX_PATH];
data/openttd-1.10.3/src/os/windows/win32.cpp:457:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[MAX_PATH];
data/openttd-1.10.3/src/os/windows/win32.cpp:458:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR path[MAX_PATH];
data/openttd-1.10.3/src/os/windows/win32.cpp:493:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR exec_dir[MAX_PATH];
data/openttd-1.10.3/src/os/windows/win32.cpp:560:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char utf8_buf[512];
data/openttd-1.10.3/src/os/windows/win32.cpp:578:9: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static TCHAR system_buf[512];
data/openttd-1.10.3/src/os/windows/win32.cpp:597:17: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int wide_len = MultiByteToWideChar(CP_ACP, 0, name, -1, nullptr, 0);
data/openttd-1.10.3/src/os/windows/win32.cpp:604:2: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_ACP, 0, name, -1, wide_buf, wide_len);
data/openttd-1.10.3/src/os/windows/win32.cpp:628:12: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int len = MultiByteToWideChar(CP_UTF8, 0, name, -1, system_buf, (int)buflen);
data/openttd-1.10.3/src/os/windows/win32.cpp:631:12: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int len = MultiByteToWideChar(CP_UTF8, 0, name, -1, nullptr, 0);
data/openttd-1.10.3/src/os/windows/win32.cpp:638:2: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_UTF8, 0, name, -1, wide_buf, len);
data/openttd-1.10.3/src/os/windows/win32.cpp:715:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[9], country[9];
data/openttd-1.10.3/src/os/windows/win32.cpp:722:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char retbuf[6] = {lang[0], lang[1], '_', country[0], country[1], 0};
data/openttd-1.10.3/src/os/windows/win32.cpp:732:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iso[16];
data/openttd-1.10.3/src/os/windows/win32.cpp:745:2: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_UTF8, 0, iso, -1, _cur_iso_locale, lengthof(_cur_iso_locale));
data/openttd-1.10.3/src/os/windows/win32.cpp:768:16: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int len_s1 = MultiByteToWideChar(CP_UTF8, 0, s1, -1, nullptr, 0);
data/openttd-1.10.3/src/os/windows/win32.cpp:769:16: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int len_s2 = MultiByteToWideChar(CP_UTF8, 0, s2, -1, nullptr, 0);
data/openttd-1.10.3/src/os/windows/win32.cpp:775:4: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_UTF8, 0, s1, -1, str_s1, len_s1);
data/openttd-1.10.3/src/os/windows/win32.cpp:776:4: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_UTF8, 0, s2, -1, str_s2, len_s2);
data/openttd-1.10.3/src/os/windows/win32.cpp:783:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR s1_buf[512], s2_buf[512];
data/openttd-1.10.3/src/osk_gui.cpp:26:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _keyboard_opt[2][OSK_KEYBOARD_ENTRIES * 4 + 1];
data/openttd-1.10.3/src/osk_gui.cpp:357:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char keyboard[2][OSK_KEYBOARD_ENTRIES * 4 + 1];
data/openttd-1.10.3/src/osk_gui.cpp:358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errormark[2][OSK_KEYBOARD_ENTRIES + 1]; // used for marking invalid chars
data/openttd-1.10.3/src/pathfinder/yapf/yapf_rail.cpp:27:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f1 = fopen("yapf1.txt", "wt");
data/openttd-1.10.3/src/pathfinder/yapf/yapf_rail.cpp:28:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f2 = fopen("yapf2.txt", "wt");
data/openttd-1.10.3/src/roadveh_gui.cpp:44:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char capacity[512];
data/openttd-1.10.3/src/roadveh_gui.cpp:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128];
data/openttd-1.10.3/src/saveload/afterload.cpp:379:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[8192];
data/openttd-1.10.3/src/saveload/afterload.cpp:404:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/openttd-1.10.3/src/saveload/afterload.cpp:409:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[40];
data/openttd-1.10.3/src/saveload/ai_sl.cpp:23:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _ai_saveload_name[64];
data/openttd-1.10.3/src/saveload/ai_sl.cpp:25:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _ai_saveload_settings[1024];
data/openttd-1.10.3/src/saveload/game_sl.cpp:23:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _game_saveload_name[64];
data/openttd-1.10.3/src/saveload/game_sl.cpp:25:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _game_saveload_settings[1024];
data/openttd-1.10.3/src/saveload/industry_sl.cpp:112:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(i->psa->storage, _old_ind_persistent_storage.storage, sizeof(_old_ind_persistent_storage.storage));
data/openttd-1.10.3/src/saveload/oldloader.cpp:247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[TTD_HEADER_SIZE] = "Unknown";
data/openttd-1.10.3/src/saveload/saveload.cpp:63:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _savegame_format[8]; ///< how to compress savegames
data/openttd-1.10.3/src/saveload/saveload.cpp:373:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[256];
data/openttd-1.10.3/src/saveload/saveload.cpp:963:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
((char *)ptr)[len] = '\0'; // properly terminate the string
data/openttd-1.10.3/src/saveload/saveload.cpp:2449:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char err_str[512];
data/openttd-1.10.3/src/saveload/saveload.cpp:2630:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_str[64];
data/openttd-1.10.3/src/saveload/saveload.h:321:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_PATH]; ///< Name of the file.
data/openttd-1.10.3/src/saveload/saveload.h:322:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[255]; ///< Internal name of the game.
data/openttd-1.10.3/src/saveload/saveload.h:868:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char _savegame_format[8];
data/openttd-1.10.3/src/saveload/station_sl.cpp:538:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(st->airport.psa->storage, _old_st_persistent_storage.storage, sizeof(_old_st_persistent_storage.storage));
data/openttd-1.10.3/src/saveload/strings_sl.cpp:66:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[LEN_OLD_STRINGS * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/screenshot.cpp:35:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _screenshot_format_name[8]; ///< Extension of the current screenshot format (corresponds with #_cur_screenshot_format).
data/openttd-1.10.3/src/screenshot.cpp:38:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _screenshot_name[128]; ///< Filename of the screenshot file.
data/openttd-1.10.3/src/screenshot.cpp:39:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _full_screenshot_name[MAX_PATH]; ///< Pathname of the screenshot file.
data/openttd-1.10.3/src/screenshot.cpp:123:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(name, "wb");
data/openttd-1.10.3/src/screenshot.cpp:194:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line, buff + n * w, w);
data/openttd-1.10.3/src/screenshot.cpp:271:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(name, "wb");
data/openttd-1.10.3/src/screenshot.cpp:311:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[8192];
data/openttd-1.10.3/src/screenshot.cpp:449:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(name, "wb");
data/openttd-1.10.3/src/screenshot.h:33:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char _screenshot_format_name[8];
data/openttd-1.10.3/src/screenshot.h:36:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char _full_screenshot_name[MAX_PATH];
data/openttd-1.10.3/src/script/api/script_admin.cpp:31:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/openttd-1.10.3/src/script/api/script_controller.cpp:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_message[1024];
data/openttd-1.10.3/src/script/api/script_controller.cpp:115:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char library_name[1024];
data/openttd-1.10.3/src/script/api/script_controller.cpp:121:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[1024];
data/openttd-1.10.3/src/script/api/script_controller.cpp:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fake_class[1024];
data/openttd-1.10.3/src/script/api/script_controller.cpp:147:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[1024];
data/openttd-1.10.3/src/script/api/script_controller.cpp:166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[1024];
data/openttd-1.10.3/src/script/api/script_event_types.cpp:306:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int res = atoi(value);
data/openttd-1.10.3/src/script/api/script_object.cpp:284:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/openttd-1.10.3/src/script/api/script_text.cpp:163:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k = atoi(key_string + 6);
data/openttd-1.10.3/src/script/api/script_text.cpp:181:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/openttd-1.10.3/src/script/api/script_text.cpp:214:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/openttd-1.10.3/src/script/api/script_text.hpp:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *params[SCRIPT_TEXT_MAX_PARAMETERS];
data/openttd-1.10.3/src/script/script_config.cpp:180:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
this->SetSetting(item_name, atoi(item_value));
data/openttd-1.10.3/src/script/script_config.cpp:190:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char no[10];
data/openttd-1.10.3/src/script/script_info.cpp:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[1024];
data/openttd-1.10.3/src/script/script_info.cpp:194:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[1024];
data/openttd-1.10.3/src/script/script_info.cpp:207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[1024];
data/openttd-1.10.3/src/script/script_info.cpp:218:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[1024];
data/openttd-1.10.3/src/script/script_info.cpp:240:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error[1024];
data/openttd-1.10.3/src/script/script_info.cpp:258:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int key = atoi(key_string + 1);
data/openttd-1.10.3/src/script/script_info_dummy.cpp:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy_script[4096];
data/openttd-1.10.3/src/script/script_info_dummy.cpp:64:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_message[1024];
data/openttd-1.10.3/src/script/script_info_dummy.cpp:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char safe_error_message[1024];
data/openttd-1.10.3/src/script/script_info_dummy.cpp:77:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy_script[4096];
data/openttd-1.10.3/src/script/script_instance.cpp:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char script_name[32];
data/openttd-1.10.3/src/script/script_instance.cpp:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_PATH];
data/openttd-1.10.3/src/script/script_instance.cpp:572:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[256];
data/openttd-1.10.3/src/script/script_scanner.cpp:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char script_original_name[1024];
data/openttd-1.10.3/src/script/script_scanner.cpp:126:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char script_name[1024];
data/openttd-1.10.3/src/script/script_scanner.cpp:262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH];
data/openttd-1.10.3/src/script/squirrel.cpp:233:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, userdata, size);
data/openttd-1.10.3/src/script/squirrel.cpp:526:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[5];
data/openttd-1.10.3/src/script/squirrel_helper.hpp:150:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(arr->array, data.data(), sizeof(int32) * data.size());
data/openttd-1.10.3/src/script/squirrel_std.cpp:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH];
data/openttd-1.10.3/src/settings.cpp:342:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, start, many - start);
data/openttd-1.10.3/src/settings.cpp:606:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/openttd-1.10.3/src/settings.cpp:1611:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[1024];
data/openttd-1.10.3/src/settings.cpp:1634:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[1024];
data/openttd-1.10.3/src/settings.cpp:1655:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[9];
data/openttd-1.10.3/src/settings.cpp:1677:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[4 * 2 + 1 + 16 * 2 + 1 + MAX_PATH];
data/openttd-1.10.3/src/settings.cpp:1678:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char params[512];
data/openttd-1.10.3/src/settings.cpp:2146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[20];
data/openttd-1.10.3/src/settings.cpp:2184:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[80];
data/openttd-1.10.3/src/settings_gui.cpp:2221:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi(str);
data/openttd-1.10.3/src/settings_gui.cpp:2612:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_custom_currency.rate = Clamp(atoi(str), 1, UINT16_MAX);
data/openttd-1.10.3/src/settings_gui.cpp:2628:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int val = atoi(str);
data/openttd-1.10.3/src/settings_type.h:222:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
uint8 open; ///< NewsDisplay on new industry constructions
data/openttd-1.10.3/src/settings_type.h:252:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server_name[NETWORK_NAME_LENGTH]; ///< name of the server
data/openttd-1.10.3/src/settings_type.h:253:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char server_password[NETWORK_PASSWORD_LENGTH]; ///< password for joining this server
data/openttd-1.10.3/src/settings_type.h:254:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rcon_password[NETWORK_PASSWORD_LENGTH]; ///< password for rconsole (server side)
data/openttd-1.10.3/src/settings_type.h:255:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char admin_password[NETWORK_PASSWORD_LENGTH]; ///< password for the admin network
data/openttd-1.10.3/src/settings_type.h:258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char client_name[NETWORK_CLIENT_NAME_LENGTH]; ///< name of the player (as client)
data/openttd-1.10.3/src/settings_type.h:259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char default_company_pass[NETWORK_PASSWORD_LENGTH]; ///< default password for new companies in encrypted form
data/openttd-1.10.3/src/settings_type.h:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char connect_to_ip[NETWORK_HOSTNAME_LENGTH]; ///< default for the "Add server" query
data/openttd-1.10.3/src/settings_type.h:261:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char network_id[NETWORK_SERVER_ID_LENGTH]; ///< network ID for servers
data/openttd-1.10.3/src/settings_type.h:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char last_host[NETWORK_HOSTNAME_LENGTH]; ///< IP address of the last joined server
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[OUTPUT_BLOCK_SIZE]; ///< Stored data.
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:173:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(filename, "rb");
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:299:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char variable[MAX_VAR_LENGTH];
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:334:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in_fp = fopen(fname, "r");
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:340:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:361:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f2 = fopen(n2, "rb");
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:364:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f1 = fopen(n1, "rb");
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:372:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b1[4096];
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:373:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b2[4096];
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:491:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(tmp_output, "w");
data/openttd-1.10.3/src/signs_gui.cpp:46:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char default_name[64]; ///< Default sign name, used if Sign::name is nullptr.
data/openttd-1.10.3/src/sound.cpp:61:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[255];
data/openttd-1.10.3/src/station_cmd.cpp:456:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_LENGTH_STATION_NAME_CHARS * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/station_cmd.cpp:1118:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(layout, statspec->layouts[plat_len - 1][numtracks - 1],
data/openttd-1.10.3/src/statusbar_gui.cpp:42:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/openttd-1.10.3/src/statusbar_gui.cpp:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/openttd-1.10.3/src/stdafx.h:263:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define fopen(file, mode) _tfopen(OTTD2FS(file), _T(mode))
data/openttd-1.10.3/src/stdafx.h:269:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define fopen(file, mode) fopen(OTTD2FS(file), mode)
data/openttd-1.10.3/src/stdafx.h:269:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define fopen(file, mode) fopen(OTTD2FS(file), mode)
data/openttd-1.10.3/src/story_gui.cpp:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char selected_generic_title[255]; ///< If the selected page doesn't have a custom title, this buffer is used to store a generic page title.
data/openttd-1.10.3/src/strgen/strgen.cpp:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/strgen/strgen.cpp:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/strgen/strgen.cpp:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/strgen/strgen.cpp:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/openttd-1.10.3/src/strgen/strgen.cpp:106:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->fh = fopen(file, "rb");
data/openttd-1.10.3/src/strgen/strgen.cpp:205:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f2 = fopen(n2, "rb");
data/openttd-1.10.3/src/strgen/strgen.cpp:208:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f1 = fopen(n1, "rb");
data/openttd-1.10.3/src/strgen/strgen.cpp:216:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b1[4096];
data/openttd-1.10.3/src/strgen/strgen.cpp:217:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char b2[4096];
data/openttd-1.10.3/src/strgen/strgen.cpp:245:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->fh = fopen(this->filename, "wb");
data/openttd-1.10.3/src/strgen/strgen.cpp:427:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pathbuf[MAX_PATH];
data/openttd-1.10.3/src/strgen/strgen_base.cpp:185:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_COMMAND_PARAM_SIZE];
data/openttd-1.10.3/src/strgen/strgen_base.cpp:456:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *words[MAX_NUM_GENDERS];
data/openttd-1.10.3/src/strgen/strgen_base.cpp:491:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char case_str[CASE_GENDER_LEN];
data/openttd-1.10.3/src/strgen/strgen_base.cpp:493:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(case_str, str, len);
data/openttd-1.10.3/src/strgen/strgen_base.cpp:599:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char param[MAX_COMMAND_PARAM_SIZE];
data/openttd-1.10.3/src/strgen/strgen_base.cpp:800:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
_lang.plural_form = atoi(str + 7);
data/openttd-1.10.3/src/strgen/strgen_base.cpp:818:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048];
data/openttd-1.10.3/src/strgen/strgen_base.cpp:902:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char param[MAX_COMMAND_PARAM_SIZE];
data/openttd-1.10.3/src/strgen/strgen_base.cpp:938:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2];
data/openttd-1.10.3/src/string.cpp:140:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, s, len);
data/openttd-1.10.3/src/string.cpp:151:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/openttd-1.10.3/src/string.cpp:158:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, buf, len + 1);
data/openttd-1.10.3/src/string.cpp:425:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *md5sumToString(char *buf, const char *last, const uint8 md5sum[16])
data/openttd-1.10.3/src/string.cpp:425:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *md5sumToString(char *buf, const char *last, const uint8 md5sum[16])
data/openttd-1.10.3/src/string.cpp:425:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *md5sumToString(char *buf, const char *last, const uint8 md5sum[16])
data/openttd-1.10.3/src/string_func.h:76:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *md5sumToString(char *buf, const char *last, const uint8 md5sum[16]);
data/openttd-1.10.3/src/string_func.h:76:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *md5sumToString(char *buf, const char *last, const uint8 md5sum[16]);
data/openttd-1.10.3/src/string_func.h:76:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *md5sumToString(char *buf, const char *last, const uint8 md5sum[16]);
data/openttd-1.10.3/src/stringfilter.cpp:81:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, pos, len);
data/openttd-1.10.3/src/stringfilter.cpp:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/strings.cpp:44:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char _config_language_file[MAX_PATH]; ///< The file (name) stored in the configuration.
data/openttd-1.10.3/src/strings.cpp:164:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/strings.cpp:430:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char day[3];
data/openttd-1.10.3/src/strings.cpp:431:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char month[3];
data/openttd-1.10.3/src/strings.cpp:930:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[4 + 1];
data/openttd-1.10.3/src/strings.cpp:935:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/openttd-1.10.3/src/strings.cpp:1867:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stra[512];
data/openttd-1.10.3/src/strings.cpp:1868:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char strb[512];
data/openttd-1.10.3/src/strings.cpp:1897:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen(file, "rb");
data/openttd-1.10.3/src/strings.cpp:1954:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAX_PATH];
data/openttd-1.10.3/src/strings.cpp:2117:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_freetype, &backup, sizeof(backup));
data/openttd-1.10.3/src/subsidy.cpp:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company_name[MAX_LENGTH_COMPANY_NAME_CHARS * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/textbuf.cpp:202:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this->buf + insertpos, str, bytes);
data/openttd-1.10.3/src/textbuf.cpp:227:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char utf8_buf[512];
data/openttd-1.10.3/src/textbuf_gui.h:42:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char _keyboard_opt[2][OSK_KEYBOARD_ENTRIES * 4 + 1];
data/openttd-1.10.3/src/textfile_gui.cpp:399:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char file_path[MAX_PATH];
data/openttd-1.10.3/src/toolbar_gui.cpp:2568:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi(str);
data/openttd-1.10.3/src/town_cmd.cpp:203:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_LENGTH_TOWN_NAME_CHARS * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/town_cmd.cpp:1883:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company_name[MAX_LENGTH_COMPANY_NAME_CHARS * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/town_cmd.cpp:2954:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char company_name[MAX_LENGTH_COMPANY_NAME_CHARS * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/town_cmd.cpp:3684:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_house_specs, &_original_house_specs, sizeof(_original_house_specs));
data/openttd-1.10.3/src/town_gui.cpp:1163:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MAX_LENGTH_TOWN_NAME_CHARS * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/townname.cpp:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[(MAX_LENGTH_TOWN_NAME_CHARS + 1) * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/townname.cpp:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[(MAX_LENGTH_TOWN_NAME_CHARS + 1) * MAX_CHAR_LENGTH];
data/openttd-1.10.3/src/townname.cpp:203:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (strncmp(buf, org, 4) == 0) memcpy(buf, rep, 4); // Safe as the string in buf is always more than 4 characters long.
data/openttd-1.10.3/src/tunnelbridge_cmd.cpp:96:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&_bridge, &_orig_bridge, sizeof(_orig_bridge));
data/openttd-1.10.3/src/vehicle.cpp:313:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/openttd-1.10.3/src/vehicle_cmd.cpp:765:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/openttd-1.10.3/src/vehicle_gui.cpp:1092:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char last_name[2][64];
data/openttd-1.10.3/src/video/allegro_v.cpp:218:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caption[32];
data/openttd-1.10.3/src/video/dedicated_v.cpp:78:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char _win_console_thread_buffer[200];
data/openttd-1.10.3/src/video/dedicated_v.cpp:220:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char input_line[1024] = "";
data/openttd-1.10.3/src/video/sdl2_v.cpp:248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caption[50];
data/openttd-1.10.3/src/video/sdl2_v.cpp:281:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char icon_path[MAX_PATH];
data/openttd-1.10.3/src/video/sdl_v.cpp:256:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char caption[50];
data/openttd-1.10.3/src/video/sdl_v.cpp:266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char icon_path[MAX_PATH];
data/openttd-1.10.3/src/video/sdl_v.cpp:601:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[30];
data/openttd-1.10.3/src/video/win32_v.cpp:344:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char window_title[64];
data/openttd-1.10.3/src/video/win32_v.cpp:434:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[2] = {(char)charcode, 0};
data/openttd-1.10.3/src/video/win32_v.cpp:449:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t w[2]; // Can get up to two code points as a result.
data/openttd-1.10.3/src/video/win32_v.cpp:450:12: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int len = MultiByteToWideChar(CP_ACP, 0, input, input_len, w, 2);
data/openttd-1.10.3/src/video/win32_v.cpp:585:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char utf8_buf[1024];
data/openttd-1.10.3/src/viewport.cpp:1448:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[DRAW_STRING_BUFFER];
data/openttd-1.10.3/src/widgets/dropdown.cpp:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[512];
data/openttd-1.10.3/src/widgets/dropdown.cpp:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer1[512], buffer2[512];
data/openttd-1.10.3/src/3rdparty/os2/getaddrinfo.c:247:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sai->ai_canonname = malloc (strlen (hp->h_name) + 1);
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:152:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sp->s_name) + 1 > servlen)
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:154:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(serv, sp->s_name, servlen);
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:157:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(numserv) + 1 > servlen)
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:159:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(serv, numserv, servlen);
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:246:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hp->h_name) + 1 > hostlen) {
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:252:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(host, hp->h_name, hostlen);
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:299:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
numaddrlen = strlen(numaddr);
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:302:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(host, numaddr, hostlen);
data/openttd-1.10.3/src/3rdparty/os2/getnameinfo.c:356:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strlen(p));
data/openttd-1.10.3/src/3rdparty/squirrel/include/squirrel.h:216:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
SQRESULT sq_compile(HSQUIRRELVM v,SQLEXREADFUNC read,SQUserPointer p,const SQChar *sourcename,SQBool raiseerror);
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdrex.cpp:526:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
exp->_nallocated = (SQInteger)strlen(pattern) * sizeof(SQChar);
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdrex.cpp:579:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
exp->_eol = text + strlen(text);
data/openttd-1.10.3/src/3rdparty/squirrel/sqstdlib/sqstdrex.cpp:618:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return sqstd_rex_searchrange(exp,text,text + strlen(text),out_begin,out_end);
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqapi.cpp:135:49: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
SQRESULT sq_compile(HSQUIRRELVM v,SQLEXREADFUNC read,SQUserPointer p,const SQChar *sourcename,SQBool raiseerror)
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqapi.cpp:138:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(Compile(v, read, p, sourcename, o, raiseerror?true:false, _ss(v)->_debuginfo)) {
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqclosure.h:33:55: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
static bool Load(SQVM *v,SQUserPointer up,SQREADFUNC read,SQObjectPtr &ret);
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqdebug.cpp:70:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(s)+(NUMBER_MAX_CHAR*2);
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqfuncproto.h:120:55: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
static bool Load(SQVM *v,SQUserPointer up,SQREADFUNC read,SQObjectPtr &ret);
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:246:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool SafeRead(HSQUIRRELVM v,SQWRITEFUNC read,SQUserPointer up,SQUserPointer dest,SQInteger size)
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:248:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(size && read(up,dest,size) != size) {
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:260:41: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool CheckTag(HSQUIRRELVM v,SQWRITEFUNC read,SQUserPointer up,SQInteger tag)
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:263:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up,&t,sizeof(t)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:292:59: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool ReadObject(HSQUIRRELVM v,SQUserPointer up,SQREADFUNC read,SQObjectPtr &o)
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:295:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up,&t,sizeof(SQObjectType)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:299:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up,&len,sizeof(SQInteger)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:300:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up,_ss(v)->GetScratchPad(len),len));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:306:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up,&i,sizeof(SQInteger))); o = i; break;
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:310:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up,&f,sizeof(SQFloat))); o = f; break;
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:331:58: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool SQClosure::Load(SQVM *v,SQUserPointer up,SQREADFUNC read,SQObjectPtr &ret)
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:333:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_HEAD));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:334:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,sizeof(SQChar)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:336:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SQFunctionProto::Load(v,up,read,func));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:337:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_TAIL));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:405:64: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool SQFunctionProto::Load(SQVM *v,SQUserPointer up,SQREADFUNC read,SQObjectPtr &ret)
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:412:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_PART));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:413:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(ReadObject(v, up, read, sourcename));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:414:30: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(ReadObject(v, up, read, name));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:416:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_PART));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:417:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &nliterals, sizeof(nliterals)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:418:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &nparameters, sizeof(nparameters)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:419:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &noutervalues, sizeof(noutervalues)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:420:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &nlocalvarinfos, sizeof(nlocalvarinfos)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:421:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &nlineinfos, sizeof(nlineinfos)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:422:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &ndefaultparams, sizeof(ndefaultparams)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:423:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &ninstructions, sizeof(ninstructions)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:424:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &nfunctions, sizeof(nfunctions)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:433:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_PART));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:436:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(ReadObject(v, up, read, o));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:439:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_PART));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:442:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(ReadObject(v, up, read, o));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:445:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_PART));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:450:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &type, sizeof(SQUnsignedInteger)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:451:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(ReadObject(v, up, read, o));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:452:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(ReadObject(v, up, read, name));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:455:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_PART));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:459:31: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(ReadObject(v, up, read, lvi._name));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:460:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &lvi._pos, sizeof(SQUnsignedInteger)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:461:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &lvi._start_op, sizeof(SQUnsignedInteger)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:462:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &lvi._end_op, sizeof(SQUnsignedInteger)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:465:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_PART));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:466:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, f->_lineinfos, sizeof(SQLineInfo)*nlineinfos));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:468:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_PART));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:469:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, f->_defaultparams, sizeof(SQInteger)*ndefaultparams));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:471:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_PART));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:472:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, f->_instructions, sizeof(SQInstruction)*ninstructions));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:474:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(CheckTag(v,read,up,SQ_CLOSURESTREAM_PART));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:476:40: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(_funcproto(o)->Load(v, up, read, o));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:479:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &f->_stacksize, sizeof(f->_stacksize)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:480:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &f->_bgenerator, sizeof(f->_bgenerator)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqobject.cpp:481:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
_CHECK_IO(SafeRead(v,read,up, &f->_varparams, sizeof(f->_varparams)));
data/openttd-1.10.3/src/3rdparty/squirrel/squirrel/sqstate.cpp:517:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = (SQInteger)strlen(news);
data/openttd-1.10.3/src/bmp.cpp:28:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (buffer->read < 0) return;
data/openttd-1.10.3/src/bmp.cpp:36:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (buffer->read < 0) return false;
data/openttd-1.10.3/src/bmp.cpp:38:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (buffer->pos == buffer->read || buffer->pos < 0) AdvanceBuffer(buffer);
data/openttd-1.10.3/src/bmp.cpp:39:32: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return buffer->pos == buffer->read;
data/openttd-1.10.3/src/bmp.cpp:44:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (buffer->read < 0) return 0;
data/openttd-1.10.3/src/bmp.cpp:46:29: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (buffer->pos == buffer->read || buffer->pos < 0) AdvanceBuffer(buffer);
data/openttd-1.10.3/src/bmp.h:35:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read;
data/openttd-1.10.3/src/console.cpp:48:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(header) != 0 && fwrite(header, strlen(header), 1, _iconsole_output_file) != 1) ||
data/openttd-1.10.3/src/console.cpp:48:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(header) != 0 && fwrite(header, strlen(header), 1, _iconsole_output_file) != 1) ||
data/openttd-1.10.3/src/console.cpp:49:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fwrite(string, strlen(string), 1, _iconsole_output_file) != 1 ||
data/openttd-1.10.3/src/console.cpp:105:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_validate(str, str + strlen(str));
data/openttd-1.10.3/src/console_cmds.cpp:530:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t kick_message_length = strlen(argv[2]);
data/openttd-1.10.3/src/console_cmds.cpp:554:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t kick_message_length = strlen(argv[2]);
data/openttd-1.10.3/src/crashlog.cpp:376:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buffer);
data/openttd-1.10.3/src/debug.cpp:95:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += strlen(i->name);
data/openttd-1.10.3/src/debug.cpp:116:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
send(_debug_socket, buf2, (int)strlen(buf2), 0);
data/openttd-1.10.3/src/debug.cpp:203:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s == t + strlen(i->name) && strncmp(t, i->name, s - t) == 0) {
data/openttd-1.10.3/src/depend/depend.cpp:117:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(s) + 1;
data/openttd-1.10.3/src/depend/depend.cpp:208:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = fgetc(this->fp);
data/openttd-1.10.3/src/depend/depend.cpp:1032:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(content, delimiter, strlen(delimiter))) found_delimiter = true;
data/openttd-1.10.3/src/driver.cpp:43:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(name);
data/openttd-1.10.3/src/fileio.cpp:367:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strtolower(buf + strlen(_searchpaths[sp]) - 1) && FileExists(buf)) return buf;
data/openttd-1.10.3/src/fileio.cpp:424:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (f == nullptr && strtolower(buf + ((subdir == NO_DIRECTORY) ? 0 : strlen(_searchpaths[sp]) - 1))) {
data/openttd-1.10.3/src/fileio.cpp:507:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t resolved_len = strlen(resolved_name);
data/openttd-1.10.3/src/fileio.cpp:591:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s = strlen(buf);
data/openttd-1.10.3/src/fileio.cpp:784:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0) break;
data/openttd-1.10.3/src/fileio.cpp:806:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0 || strlen(link) == 0) break;
data/openttd-1.10.3/src/fileio.cpp:806:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) == 0 || strlen(link) == 0) break;
data/openttd-1.10.3/src/fileio.cpp:829:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
next = pos + strlen(pos);
data/openttd-1.10.3/src/fileio.cpp:973:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read;
data/openttd-1.10.3/src/fileio.cpp:974:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (; to_copy != 0; to_copy -= read) {
data/openttd-1.10.3/src/fileio.cpp:976:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read <= 0 || fwrite(buffer, 1, read, out) != read) break;
data/openttd-1.10.3/src/fileio.cpp:976:39: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read <= 0 || fwrite(buffer, 1, read, out) != read) break;
data/openttd-1.10.3/src/fileio.cpp:976:53: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read <= 0 || fwrite(buffer, 1, read, out) != read) break;
data/openttd-1.10.3/src/fileio.cpp:1427:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
num += ScanPath(this, extension, path, strlen(path), recursive);
data/openttd-1.10.3/src/fileio.cpp:1463:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return ScanPath(this, extension, path, strlen(path), recursive);
data/openttd-1.10.3/src/fios.cpp:384:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(!FiosIsHiddenFile(dirent) || strncasecmp(d_name, PERSONAL_DIR, strlen(d_name)) == 0) &&
data/openttd-1.10.3/src/fios.cpp:442:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
assert(title + read <= last);
data/openttd-1.10.3/src/fios.cpp:443:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
title[read] = '\0';
data/openttd-1.10.3/src/fios.cpp:599:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(buf, it->second.tar_filename, strlen(buf)) == 0) {
data/openttd-1.10.3/src/fontdetection.cpp:136:13: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path_len = _tcslen(vbuffer) + _tcslen(dbuffer) + 2; // '\' and terminating nul.
data/openttd-1.10.3/src/fontdetection.cpp:136:32: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path_len = _tcslen(vbuffer) + _tcslen(dbuffer) + 2; // '\' and terminating nul.
data/openttd-1.10.3/src/fontdetection.cpp:148:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(font_name, (*face)->family_name, strlen((*face)->family_name)) == 0) break;
data/openttd-1.10.3/src/fontdetection.cpp:150:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(font_name + strlen(font_name) + 1, (*face)->family_name, strlen((*face)->family_name)) == 0) break;
data/openttd-1.10.3/src/fontdetection.cpp:150:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(font_name + strlen(font_name) + 1, (*face)->family_name, strlen((*face)->family_name)) == 0) break;
data/openttd-1.10.3/src/fontdetection.cpp:325:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strecpy(font_name + strlen(font_name) + 1, english_name, lastof(font_name));
data/openttd-1.10.3/src/game/game_text.cpp:105:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buffer);
data/openttd-1.10.3/src/game/game_text.cpp:271:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(filename);
data/openttd-1.10.3/src/highscore.cpp:135:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
byte length = min(sizeof(hs->company), StrEmpty(hs->company) ? 0 : (int)strlen(&hs->company[1]) + 1);
data/openttd-1.10.3/src/hotkeys.cpp:95:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(_keycode_to_name[i].name) == (size_t)(end - start) && strncasecmp(start, _keycode_to_name[i].name, end - start) == 0) {
data/openttd-1.10.3/src/ini.cpp:90:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#undef strncpy
data/openttd-1.10.3/src/ini.cpp:93:2: [1] (buffer) _tcsncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
_tcsncpy(tfilename, OTTD2FS(filename), MAX_PATH);
data/openttd-1.10.3/src/ini.cpp:94:2: [1] (buffer) _tcsncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
_tcsncpy(tfile_new, OTTD2FS(file_new), MAX_PATH);
data/openttd-1.10.3/src/ini.cpp:98:12: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tfilename[_tcslen(tfilename) + 1] = '\0';
data/openttd-1.10.3/src/ini.cpp:99:12: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tfile_new[_tcslen(tfile_new) + 1] = '\0';
data/openttd-1.10.3/src/ini_load.cpp:27:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_validate(this->name, this->name + strlen(this->name));
data/openttd-1.10.3/src/ini_load.cpp:62:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_validate(this->name, this->name + strlen(this->name));
data/openttd-1.10.3/src/ini_load.cpp:156:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (len == 0) len = strlen(name);
data/openttd-1.10.3/src/ini_load.cpp:179:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(name);
data/openttd-1.10.3/src/ini_load.cpp:234:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *e = s + strlen(s);
data/openttd-1.10.3/src/ini_load.cpp:302:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
e = t + strlen(t);
data/openttd-1.10.3/src/ini_load.cpp:308:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (item->value != nullptr) str_validate(item->value, item->value + strlen(item->value));
data/openttd-1.10.3/src/misc/str.hpp:53:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
base::AppendRaw(str, strlen(str));
data/openttd-1.10.3/src/misc/str.hpp:95:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t addSize = max<size_t>(strlen(format), 16);
data/openttd-1.10.3/src/misc_gui.cpp:981:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*Utf8PrevChar(this->editbox.text.buf + strlen(this->editbox.text.buf)) = '\0';
data/openttd-1.10.3/src/music/cocoa_m.cpp:162:114: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CFAutoRelease<CFURLRef> url(CFURLCreateFromFileSystemRepresentation(kCFAllocatorDefault, (const UInt8*)os_file, strlen(os_file), false));
data/openttd-1.10.3/src/music/qtmidi.cpp:110:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(fd, magic, 4);
data/openttd-1.10.3/src/network/core/host.cpp:33:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*pos += strlen(header) + new_pos - *pos + 1;
data/openttd-1.10.3/src/network/core/host.cpp:57:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int fields, read;
data/openttd-1.10.3/src/network/core/host.cpp:63:58: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
&n, &i1, &i2, &i3, &i4, &j1, &j2, &j3, &j4, &read);
data/openttd-1.10.3/src/network/core/host.cpp:79:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read < 0) {
data/openttd-1.10.3/src/network/core/host.cpp:82:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
*output += read;
data/openttd-1.10.3/src/network/core/packet.cpp:152:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(this->size + strlen(data) + 1 <= SEND_MTU);
data/openttd-1.10.3/src/network/core/tcp_content.cpp:60:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (uint i = 0; i < this->tag_count; i++) len += strlen(this->tags[i]) + 1;
data/openttd-1.10.3/src/network/core/tcp_http.cpp:44:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t bufferSize = strlen(url) + strlen(host) + strlen(GetNetworkRevisionString()) + (data == nullptr ? 0 : strlen(data)) + 128;
data/openttd-1.10.3/src/network/core/tcp_http.cpp:44:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t bufferSize = strlen(url) + strlen(host) + strlen(GetNetworkRevisionString()) + (data == nullptr ? 0 : strlen(data)) + 128;
data/openttd-1.10.3/src/network/core/tcp_http.cpp:44:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t bufferSize = strlen(url) + strlen(host) + strlen(GetNetworkRevisionString()) + (data == nullptr ? 0 : strlen(data)) + 128;
data/openttd-1.10.3/src/network/core/tcp_http.cpp:44:111: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t bufferSize = strlen(url) + strlen(host) + strlen(GetNetworkRevisionString()) + (data == nullptr ? 0 : strlen(data)) + 128;
data/openttd-1.10.3/src/network/core/tcp_http.cpp:49:211: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
seprintf(buffer, buffer + bufferSize - 1, "POST %s HTTP/1.0\r\nHost: %s\r\nUser-Agent: OpenTTD/%s\r\nContent-Type: text/plain\r\nContent-Length: %d\r\n\r\n%s\r\n", url, host, GetNetworkRevisionString(), (int)strlen(data), data);
data/openttd-1.10.3/src/network/core/tcp_http.cpp:54:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssize_t size = strlen(buffer);
data/openttd-1.10.3/src/network/core/tcp_http.cpp:108:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(HTTP_1_0) == strlen(HTTP_1_1));
data/openttd-1.10.3/src/network/core/tcp_http.cpp:108:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(HTTP_1_0) == strlen(HTTP_1_1));
data/openttd-1.10.3/src/network/core/tcp_http.cpp:112:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(this->recv_buffer, HTTP_1_0, strlen(HTTP_1_0)) != 0 &&
data/openttd-1.10.3/src/network/core/tcp_http.cpp:113:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncmp(this->recv_buffer, HTTP_1_1, strlen(HTTP_1_1)) != 0) {
data/openttd-1.10.3/src/network/core/tcp_http.cpp:117:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *status = this->recv_buffer + strlen(HTTP_1_0);
data/openttd-1.10.3/src/network/core/tcp_http.cpp:126:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length += strlen(CONTENT_LENGTH);
data/openttd-1.10.3/src/network/core/tcp_http.cpp:166:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uri += strlen(LOCATION);
data/openttd-1.10.3/src/network/core/tcp_http.cpp:254:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int end = min(read, lengthof(this->recv_buffer) - 1);
data/openttd-1.10.3/src/network/core/tcp_http.cpp:267:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->recv_pos = read;
data/openttd-1.10.3/src/network/core/tcp_http.cpp:274:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
end_of_header += strlen(END_OF_HEADER);
data/openttd-1.10.3/src/network/network.cpp:1022:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
checksum.Append((const uint8*)coding_string, strlen(coding_string));
data/openttd-1.10.3/src/network/network.cpp:1103:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(network_revision) >= NETWORK_REVISION_LENGTH) network_revision[NETWORK_REVISION_LENGTH - 1] = '\0';
data/openttd-1.10.3/src/network/network.cpp:1123:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (hashofs + strlen(githash_suffix) + 1 > NETWORK_REVISION_LENGTH) hashofs = strlen(network_revision) - strlen(githash_suffix);
data/openttd-1.10.3/src/network/network.cpp:1123:81: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (hashofs + strlen(githash_suffix) + 1 > NETWORK_REVISION_LENGTH) hashofs = strlen(network_revision) - strlen(githash_suffix);
data/openttd-1.10.3/src/network/network.cpp:1123:108: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (hashofs + strlen(githash_suffix) + 1 > NETWORK_REVISION_LENGTH) hashofs = strlen(network_revision) - strlen(githash_suffix);
data/openttd-1.10.3/src/network/network.cpp:1126:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(network_revision) < NETWORK_REVISION_LENGTH); // strlen does not include terminator, constant does, hence strictly less than
data/openttd-1.10.3/src/network/network_admin.cpp:564:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(origin) + strlen(string) + 2 + 3 >= SEND_MTU) return NETWORK_RECV_STATUS_OKAY;
data/openttd-1.10.3/src/network/network_admin.cpp:564:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(origin) + strlen(string) + 2 + 3 >= SEND_MTU) return NETWORK_RECV_STATUS_OKAY;
data/openttd-1.10.3/src/network/network_admin.cpp:584:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(json) + 1 >= NETWORK_GAMESCRIPT_JSON_LENGTH) return NETWORK_RECV_STATUS_OKAY;
data/openttd-1.10.3/src/network/network_admin.cpp:616:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (p->size + strlen(cmdname) + 5 >= SEND_MTU) {
data/openttd-1.10.3/src/network/network_chat_gui.cpp:396:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tb_len = strlen(tb_buf);
data/openttd-1.10.3/src/network/network_chat_gui.cpp:414:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
offset = strlen(pre_buf) + 1;
data/openttd-1.10.3/src/network/network_chat_gui.cpp:419:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(cur_name) == length && strncmp(cur_name, tb->buf + offset, length) == 0) second_scan = true;
data/openttd-1.10.3/src/network/network_chat_gui.cpp:427:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(cur_name);
data/openttd-1.10.3/src/network/network_content.cpp:432:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read < 0 || (size_t)read != fwrite(buff, 1, read, fout)) {
data/openttd-1.10.3/src/network/network_content.cpp:432:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read < 0 || (size_t)read != fwrite(buff, 1, read, fout)) {
data/openttd-1.10.3/src/network/network_content.cpp:432:52: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read < 0 || (size_t)read != fwrite(buff, 1, read, fout)) {
data/openttd-1.10.3/src/network/network_content.cpp:627:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->http_response_index += (int)strlen(str) + 1;
data/openttd-1.10.3/src/network/network_udp.cpp:206:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
free -= (int)strlen(company_name);
data/openttd-1.10.3/src/network/network_udp.cpp:266:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
min(strlen(f->GetName()) + 1, (size_t)NETWORK_GRF_NAME_LENGTH);
data/openttd-1.10.3/src/newgrf_text.cpp:241:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(this->strings[0]);
data/openttd-1.10.3/src/newgrf_text.cpp:273:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str) + 1;
data/openttd-1.10.3/src/newgrf_text.cpp:283:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(this->strings[0]) + 1;
data/openttd-1.10.3/src/newgrf_text.cpp:307:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str) + 1;
data/openttd-1.10.3/src/newgrf_text.cpp:318:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = min<size_t>(0xFE, strlen(str));
data/openttd-1.10.3/src/newgrf_text.cpp:340:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp = MallocT<char>(strlen(str) * 10 + 1); // Allocate space to allow for expansion
data/openttd-1.10.3/src/newgrf_text.cpp:489:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d = mapping->strings[index] = MallocT<char>(strlen(str) * 10 + 1);
data/openttd-1.10.3/src/newgrf_text.cpp:628:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AddGRFTextToList(list, GRFText::New(0x7F, text_to_add, strlen(text_to_add) + 1));
data/openttd-1.10.3/src/os/unix/unix.cpp:97:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(path[strlen(path) - 1] == PATHSEPCHAR);
data/openttd-1.10.3/src/os/unix/unix.cpp:98:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) > 2) assert(path[strlen(path) - 2] != PATHSEPCHAR);
data/openttd-1.10.3/src/os/unix/unix.cpp:98:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(path) > 2) assert(path[strlen(path) - 2] != PATHSEPCHAR);
data/openttd-1.10.3/src/os/unix/unix.cpp:159:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t inlen = strlen(name);
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:512:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
userstream.BufferSize = (ULONG)strlen(this->crashlog) + 1;
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:699:17: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = _tcslen(_crash_desc) + 2;
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:700:11: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += _tcslen(OTTD2FS(CrashLogWindows::current->crashlog_filename)) + 2;
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:701:11: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += _tcslen(OTTD2FS(CrashLogWindows::current->crashdump_filename)) + 2;
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:702:11: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += _tcslen(OTTD2FS(CrashLogWindows::current->screenshot_filename)) + 1;
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:728:20: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = _tcslen(_save_succeeded) + _tcslen(OTTD2FS(filename)) + 1;
data/openttd-1.10.3/src/os/windows/crashlog_win.cpp:728:47: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = _tcslen(_save_succeeded) + _tcslen(OTTD2FS(filename)) + 1;
data/openttd-1.10.3/src/os/windows/win32.cpp:145:22: [1] (buffer) _tcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bool slash = path[_tcslen(path) - 1] == '\\';
data/openttd-1.10.3/src/os/windows/win32.cpp:394:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) > 2048) {
data/openttd-1.10.3/src/os/windows/win32.cpp:494:3: [1] (buffer) _tcsncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
_tcsncpy(path, convert_to_fs(exe, path, lengthof(path)), lengthof(path));
data/openttd-1.10.3/src/safeguards.h:37:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define strncpy SAFEGUARD_DO_NOT_USE_THIS_METHOD
data/openttd-1.10.3/src/safeguards.h:41:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
#define strncat SAFEGUARD_DO_NOT_USE_THIS_METHOD
data/openttd-1.10.3/src/saveload/linkgraph_sl.cpp:60:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t prefixlen = strlen(prefix);
data/openttd-1.10.3/src/saveload/saveload.cpp:90:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
size_t read; ///< The amount of read bytes so far from the filter.
data/openttd-1.10.3/src/saveload/saveload.cpp:96:81: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ReadBuffer(LoadFilter *reader) : bufp(nullptr), bufe(nullptr), reader(reader), read(0)
data/openttd-1.10.3/src/saveload/saveload.cpp:869:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return min(strlen(ptr), length - 1);
data/openttd-1.10.3/src/screenshot.cpp:308:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text[0].text_length = strlen(_openttd_revision);
data/openttd-1.10.3/src/screenshot.cpp:680:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(_screenshot_name);
data/openttd-1.10.3/src/script/api/script_admin.cpp:41:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buf) + 1;
data/openttd-1.10.3/src/script/api/script_object.cpp:315:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
::str_validate(const_cast<char *>(text), text + strlen(text), SVS_NONE);
data/openttd-1.10.3/src/script/api/script_text.cpp:162:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(key_string, "param_", 6) != 0 || strlen(key_string) > 8) return SQ_ERROR;
data/openttd-1.10.3/src/script/script_config.cpp:194:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t needed_size = strlen((*it).first) + 1 + strlen(no);
data/openttd-1.10.3/src/script/script_config.cpp:194:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t needed_size = strlen((*it).first) + 1 + strlen(no);
data/openttd-1.10.3/src/script/script_info_dummy.cpp:47:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (SQ_SUCCEEDED(sq_compilebuffer(vm, sq_dummy_script, strlen(sq_dummy_script), "dummy", SQTrue))) {
data/openttd-1.10.3/src/script/script_info_dummy.cpp:102:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (SQ_SUCCEEDED(sq_compilebuffer(vm, sq_dummy_script, strlen(sq_dummy_script), "dummy", SQTrue))) {
data/openttd-1.10.3/src/script/script_instance.cpp:377:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buf) + 1;
data/openttd-1.10.3/src/script/script_scanner.cpp:40:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *end = this->main_script + strlen(this->main_script) + 1;
data/openttd-1.10.3/src/script/script_scanner.cpp:130:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info->GetShortName()) != 4) {
data/openttd-1.10.3/src/script/squirrel.cpp:417:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(class_name) + strlen(engine->GetAPIName()) + 1;
data/openttd-1.10.3/src/script/squirrel.cpp:417:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(class_name) + strlen(engine->GetAPIName()) + 1;
data/openttd-1.10.3/src/script/squirrel_helper.hpp:119:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_validate(tmp_str, tmp_str + strlen(tmp_str));
data/openttd-1.10.3/src/settings.cpp:117:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (onelen == 0) onelen = strlen(one);
data/openttd-1.10.3/src/settings.cpp:1795:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(config_name) + 8;
data/openttd-1.10.3/src/settings.cpp:1814:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(config_name) + 8;
data/openttd-1.10.3/src/settings.cpp:1830:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(config_name) + 8;
data/openttd-1.10.3/src/settingsgen/settingsgen.cpp:113:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (length == 0) length = strlen(text);
data/openttd-1.10.3/src/strgen/strgen_base.cpp:379:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (uint i = 0; i < nw; i++) buffer->AppendByte((byte)strlen(words[i]) + 1);
data/openttd-1.10.3/src/strgen/strgen_base.cpp:786:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ent->translated_case = new Case(ResolveCaseName(casep, strlen(casep)), s, ent->translated_case);
data/openttd-1.10.3/src/strgen/strgen_base.cpp:811:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t i = strlen(buf);
data/openttd-1.10.3/src/string.cpp:138:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = last == nullptr ? strlen(s) : ttd_strnlen(s, last - s + 1);
data/openttd-1.10.3/src/string.cpp:246:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_validate(const_cast<char *>(str), str + strlen(str) + 1);
data/openttd-1.10.3/src/string.cpp:543:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t hay_len = strlen(haystack);
data/openttd-1.10.3/src/string.cpp:544:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t needle_len = strlen(needle);
data/openttd-1.10.3/src/string.cpp:787:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
this->len = strlen(s);
data/openttd-1.10.3/src/stringfilter.cpp:36:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *dest = MallocT<char>(strlen(str) + 1);
data/openttd-1.10.3/src/textfile_gui.cpp:333:6: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read != filesize) return;
data/openttd-1.10.3/src/townname.cpp:202:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(org) == 4 && strlen(rep) == 4 && strlen(buf) >= 4);
data/openttd-1.10.3/src/townname.cpp:202:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(org) == 4 && strlen(rep) == 4 && strlen(buf) >= 4);
data/openttd-1.10.3/src/townname.cpp:202:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(strlen(org) == 4 && strlen(rep) == 4 && strlen(buf) >= 4);
data/openttd-1.10.3/src/townname.cpp:737:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t postlen = strlen(poststr);
data/openttd-1.10.3/src/townname.cpp:738:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t endlen = strlen(endstr);
data/openttd-1.10.3/src/vehicle_cmd.cpp:769:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (number_position = strlen(src->name); number_position > 0; number_position--) {
data/openttd-1.10.3/src/vehicle_cmd.cpp:778:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (number_position == strlen(src->name)) {
data/openttd-1.10.3/src/vehicle_cmd.cpp:782:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
number_position = strlen(buf);
ANALYSIS SUMMARY:
Hits = 1341
Lines analyzed = 352040 in approximately 9.63 seconds (36568 lines/second)
Physical Source Lines of Code (SLOC) = 227966
Hits@level = [0] 275 [1] 248 [2] 690 [3] 41 [4] 360 [5] 2
Hits@level+ = [0+] 1616 [1+] 1341 [2+] 1093 [3+] 403 [4+] 362 [5+] 2
Hits/KSLOC@level+ = [0+] 7.08878 [1+] 5.88246 [2+] 4.79457 [3+] 1.76781 [4+] 1.58796 [5+] 0.00877324
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.