Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/openxr-sdk-source-1.0.9~dfsg1/external/include/GL/gl_format.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/algebra.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/nanoseconds.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/include/openxr/openxr_platform_defines.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/specification/scripts/template_openxr_reflection.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/api_dump.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/api_layer_platform_defines.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/core_validation.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/validation_utils.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/extra_algorithms.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/filesystem_utils.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/filesystem_utils.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/hex_and_handles.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/loader_interfaces.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/object_info.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/object_info.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/platform_utils.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/xr_dependencies.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/common/xr_linear.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/api_layer_interface.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/api_layer_interface.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/exception_handling.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_core.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_instance.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_instance.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_logger.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_logger.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_logger_recorders.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_logger_recorders.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_platform.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/manifest_file.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/manifest_file.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/runtime_interface.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/loader/runtime_interface.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/check.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/common.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/d3d_common.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/d3d_common.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/geometry.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsapi.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin_d3d11.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin_d3d12.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin_factory.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin_opengl.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin_opengles.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin_vulkan.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/logger.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/logger.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/main.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/openxr_program.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/openxr_program.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/options.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/pch.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/pch.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/platformdata.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/platformplugin.h
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/platformplugin_android.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/platformplugin_factory.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/platformplugin_win32.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/platformplugin_xlib.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/list/list.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test_utils.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test_utils.hpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/test_layers/layer_test.cpp
Examining data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/test_runtimes/runtime_test.cpp
FINAL RESULTS:
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:229:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy( keyValues[i].value, pretty_name );
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:637:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf( fileName, "/sys/devices/system/cpu/cpu%d/cpufreq/%s", i, files[j] );
data/openxr-sdk-source-1.0.9~dfsg1/src/common/filesystem_utils.cpp:271:64: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
bool FileSysUtilsPathExists(const std::string& path) { return (access(path.c_str(), F_OK) != -1); }
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:50:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, args);
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:57:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer, 4096, format, args);
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:65:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer, 4096, format, args);
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:86:5: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format, args);
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:94:18: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int length = vsnprintf(buffer, 4096, format, args);
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:115:18: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int length = vsnprintf(buffer, 4096, format, args);
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:134:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer, 4096, format, args);
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_platform.hpp:114:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf xr_snprintf
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_platform.hpp:115:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define vsnprintf xr_vsnprintf
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/common.h:69:21: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int size = std::vsnprintf(nullptr, 0, fmt, vl);
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/common.h:76:21: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
size = std::vsnprintf(buffer.get(), size + 1, fmt, vl);
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:159:2: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection( &mutex->handle );
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:190:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection( &mutex->handle );
data/openxr-sdk-source-1.0.9~dfsg1/src/common/filesystem_utils.cpp:296:20: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
if (nullptr != realpath(path.c_str(), buf)) {
data/openxr-sdk-source-1.0.9~dfsg1/src/common/platform_utils.hpp:61:59: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
static inline char* ImplGetEnv(const char* name) { return getenv(name); }
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test_utils.cpp:62:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *returned = getenv(variable.c_str());
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test_utils.cpp:82:22: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *returned = getenv(variable.c_str());
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:84:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char version[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:96:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:98:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * os_release = fopen( "/etc/os-release", "r" );
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:137:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char version[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char release[PROP_VALUE_MAX] = { 0 };
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char build[PROP_VALUE_MAX] = { 0 };
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:169:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char processor[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:181:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char processor[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:189:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:196:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char name[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:198:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * cpuinfo = fopen( "/proc/cpuinfo", "r" );
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:201:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:523:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char threadName[128];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:584:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:636:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:638:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * fp = fopen( fileName, "r" );
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:643:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:651:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
const unsigned int frequency = atoi( buffer + index );
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:705:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:717:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/api_dump.cpp:77:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
html_file.open(g_record_info.file_name, std::ios::out);
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/api_dump.cpp:186:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
html_file.open(g_record_info.file_name, std::ios::out | std::ios::app);
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/api_dump.cpp:244:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
text_file.open(g_record_info.file_name, std::ios::out | std::ios::app);
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/api_dump.cpp:265:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
text_file.open(g_record_info.file_name, std::ios::out | std::ios::app);
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/api_dump.cpp:526:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&new_api_layer_info, apiLayerInfo, sizeof(XrApiLayerCreateInfo));
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/core_validation.cpp:79:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
html_file.open(g_record_info.file_name, std::ios::out);
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/core_validation.cpp:198:19: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
html_file.open(g_record_info.file_name, std::ios::out | std::ios::app);
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/core_validation.cpp:309:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
text_file.open(g_record_info.file_name, std::ios::out | std::ios::app);
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/core_validation.cpp:335:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
text_file.open(g_record_info.file_name, std::ios::out | std::ios::app);
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/core_validation.cpp:430:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char struct_type_buffer[XR_MAX_STRUCTURE_NAME_SIZE];
data/openxr-sdk-source-1.0.9~dfsg1/src/api_layers/core_validation.cpp:519:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&new_api_layer_info, apiLayerInfo, sizeof(XrApiLayerCreateInfo));
data/openxr-sdk-source-1.0.9~dfsg1/src/common/filesystem_utils.cpp:185:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t tmp_path[MAX_PATH];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/filesystem_utils.cpp:204:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t tmp_path[MAX_PATH];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/filesystem_utils.cpp:276:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_path[PATH_MAX];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/filesystem_utils.cpp:295:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[PATH_MAX];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:40:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:54:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:74:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:91:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:112:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:131:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:189:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
l->fp = fopen(fileName, "wb");
data/openxr-sdk-source-1.0.9~dfsg1/src/common/loader_interfaces.h:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char layerName[XR_MAX_API_LAYER_NAME_SIZE]; // Name of API layer which should receive this info
data/openxr-sdk-source-1.0.9~dfsg1/src/common/loader_interfaces.h:120:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char settings_file_location[XR_API_LAYER_MAX_SETTINGS_PATH_SIZE]; // Location to the found settings file (or empty '\0')
data/openxr-sdk-source-1.0.9~dfsg1/src/common/object_info.cpp:273:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aug_data->modified_data, callback_data, sizeof(XrDebugUtilsMessengerCallbackDataEXT));
data/openxr-sdk-source-1.0.9~dfsg1/src/common/platform_utils.hpp:158:30: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
const int wideLength = ::MultiByteToWideChar(CP_UTF8, 0, utf8Text.data(), (int)utf8Text.size(), nullptr, 0);
data/openxr-sdk-source-1.0.9~dfsg1/src/common/platform_utils.hpp:167:26: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
const int length = ::MultiByteToWideChar(CP_UTF8, 0, utf8Text.data(), (int)utf8Text.size(), wideString, wideLength);
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_platform.hpp:123:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefixBuffer[64];
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/manifest_file.cpp:347:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t value_w[1024];
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/manifest_file.cpp:388:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t name_w[1024]{};
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/manifest_file.cpp:756:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
uint32_t implementation_version = atoi(layer_root_node["implementation_version"].asString().c_str());
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin_d3d12.cpp:246:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, Geometry::c_cubeVertices, sizeof(Geometry::c_cubeVertices));
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin_d3d12.cpp:261:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, Geometry::c_cubeIndices, sizeof(Geometry::c_cubeIndices));
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin_d3d12.cpp:499:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, &viewProjection, sizeof(viewProjection));
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/graphicsplugin_d3d12.cpp:531:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data + offset, &model, sizeof(model));
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/main.cpp:15:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[PROP_VALUE_MAX] = {};
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/openxr_program.cpp:227:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(createInfo.applicationInfo.applicationName, "HelloXR");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:565:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(application_info.applicationName, "Loader Test");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:567:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(application_info.engineName, "Infinite Improbability Drive");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:693:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(application_info.applicationName, "Loader Test");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:695:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(application_info.engineName, "Infinite Improbability Drive");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:741:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(app_info.applicationName, "Loader Test");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:743:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(app_info.engineName, "Infinite Improbability Drive");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:933:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char message_id[64];
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:935:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char object_name[64];
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1176:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(app_info.applicationName, "Loader Test");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1178:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(app_info.engineName, "Infinite Improbability Drive");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1266:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Error");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1275:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Validation Warning");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1284:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Performance Info");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1293:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Verbose");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1351:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Error");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1361:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Validation Warning");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1371:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Performance Info");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1381:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Verbose");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1444:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Error");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1447:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Validation Warning");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1450:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Performance Info");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1453:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Verbose");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1485:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Error");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1488:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Validation Warning");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1491:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Performance Info");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1494:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Verbose");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1526:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Error");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1529:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Validation Warning");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1532:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Performance Info");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1535:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Verbose");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1551:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Performance Verbose");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1573:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Error");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1576:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Validation Warning");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1579:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Performance Info");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1582:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "General Verbose");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1597:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Validation Info");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1715:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(object_name, "My Instance Obj");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1934:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "First Individual Label");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1950:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "First Label Region");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1975:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Second Individual and First Region");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:1992:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Third Individual and First Region");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:2011:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "Second and First Label Regions");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:2027:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "First Label Region 2");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:2049:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(message_id, "No Labels");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test_utils.cpp:41:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_data[4096];
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/test_runtimes/runtime_test.cpp:57:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(properties[0].extensionName, "XR_KHR_fake_ext1");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/test_runtimes/runtime_test.cpp:59:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(properties[1].extensionName, "XR_KHR_fake_ext2");
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/test_runtimes/runtime_test.cpp:86:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(properties->systemName, "Dummy system");
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:116:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int last = strlen( pretty_name ) - 1;
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:206:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t length = strlen( keyValues[i].key );
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/sysinfo.h:220:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int last = strlen( pretty_name ) - 1;
data/openxr-sdk-source-1.0.9~dfsg1/external/include/utils/threading.h:813:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( thread->threadName, threadName, sizeof( thread->threadName ) );
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:26:12: [1] (free) memalign:
On some systems (though not Linux-based systems) an attempt to free()
results from memalign() may fail. This may, on a few systems, be
exploitable. Also note that memalign() may not check that the boundary
parameter is correct (CWE-676). Use posix_memalign instead (defined in
POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
malloc()'s alignment may be sufficient.
return memalign(alignment, size);
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:2619:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(const unsigned char *)WINDOW_TITLE, strlen(WINDOW_TITLE));
data/openxr-sdk-source-1.0.9~dfsg1/src/common/gfxwrapper_opengl.c:3048:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(WINDOW_TITLE), WINDOW_TITLE);
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/api_layer_interface.cpp:134:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (nullptr != layer_name && 0 != strlen(layer_name)) {
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_core.cpp:118:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (nullptr != layerName && 0 != strlen(layerName)) {
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_core.cpp:390:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(info.applicationName) == 0) {
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/loader_instance.cpp:235:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(next_info_list[ni_index].layerName, (*layer_interface)->LayerName().c_str(),
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/manifest_file.cpp:79:17: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
return std::equal(ending.rbegin(), ending.rend(), value.rbegin());
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/manifest_file.cpp:461:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(prop.extensionName, ext.name.c_str(), XR_MAX_EXTENSION_NAME_SIZE - 1);
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/manifest_file.cpp:799:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(props.layerName, _layer_name.c_str(), XR_MAX_API_LAYER_NAME_SIZE - 1);
data/openxr-sdk-source-1.0.9~dfsg1/src/loader/manifest_file.cpp:803:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(props.description, _description.c_str(), XR_MAX_API_LAYER_DESCRIPTION_SIZE - 1);
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/d3d_common.cpp:37:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
HRESULT hr = D3DCompile(hlsl, strlen(hlsl), nullptr, nullptr, nullptr, entrypoint, shaderTarget, flags, 0,
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/main.cpp:237:19: [1] (buffer) getchar:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(void)getchar();
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/hello_xr/openxr_program.cpp:14:32: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define strcpy_s(dest, source) strncpy((dest), (source), sizeof(dest))
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/list/list.cpp:74:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(instanceCreateInfo.applicationInfo.applicationName, "List", XR_MAX_APPLICATION_NAME_SIZE);
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/list/list.cpp:76:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(instanceCreateInfo.applicationInfo.engineName, "List Engine", XR_MAX_ENGINE_NAME_SIZE);
data/openxr-sdk-source-1.0.9~dfsg1/src/tests/loader_test/loader_test.cpp:420:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(prop.extensionName) < 4 || 0 != strncmp(prop.extensionName, "XR_", 3)) {
ANALYSIS SUMMARY:
Hits = 147
Lines analyzed = 27047 in approximately 0.73 seconds (37127 lines/second)
Physical Source Lines of Code (SLOC) = 20360
Hits@level = [0] 34 [1] 21 [2] 106 [3] 6 [4] 14 [5] 0
Hits@level+ = [0+] 181 [1+] 147 [2+] 126 [3+] 20 [4+] 14 [5+] 0
Hits/KSLOC@level+ = [0+] 8.88998 [1+] 7.22004 [2+] 6.18861 [3+] 0.982318 [4+] 0.687623 [5+] 0
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.