Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/compat.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/misc.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_hash.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_api.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_bc_macros.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_collapse_function.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_exception.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_input_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_object.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_params.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_query.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_response.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_utils.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_version.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_constants.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_client.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_debug.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_helpers.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_params.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_response.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_macros.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_types.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_api.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_bc_macros.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_collapse_function.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_exception.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_input_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_object.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_params.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_query.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_response.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_utils.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_version.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_constants.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_client.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_debug.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_params.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_response.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_macros.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_types.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/compat.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/misc.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_hash.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_api.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_bc_macros.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_collapse_function.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_exception.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_extract.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_input_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_object.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_params.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_query.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_response.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_utils.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_version.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_constants.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_client.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_debug.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_helpers.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_params.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_response.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_macros.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_types.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_api.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_bc_macros.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_collapse_function.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_exception.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_extract.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_input_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_object.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_params.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_query.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_response.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_utils.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_version.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_constants.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_client.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_debug.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_document.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_params.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_response.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_macros.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.h
Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_types.h
FINAL RESULTS:
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:656:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_ME(SolrClient, system, SolrClient_info_args, ZEND_ACC_PUBLIC)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.h:266:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_METHOD(SolrClient, system);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:1842:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_METHOD(SolrClient, system)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_debug.c:31:2: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format,args);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:655:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_ME(SolrClient, system, SolrClient_info_args, ZEND_ACC_PUBLIC)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.h:269:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_METHOD(SolrClient, system);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:1755:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_METHOD(SolrClient, system)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_debug.c:31:2: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format,args);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:686:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_ME(SolrClient, system, SolrClient_info_args, ZEND_ACC_PUBLIC)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.h:281:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_METHOD(SolrClient, system);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:1898:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_METHOD(SolrClient, system)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_debug.c:29:2: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format,args);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:685:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_ME(SolrClient, system, SolrClient_info_args, ZEND_ACC_PUBLIC)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.h:281:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_METHOD(SolrClient, system);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:1817:24: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PHP_METHOD(SolrClient, system)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_debug.c:29:2: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(format,args);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/misc.h:69:28: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define memmove(a, b, c) bcopy(b, a, c)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:40:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[1];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:135:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ZSTR_VAL(ret), str, len);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:171:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), MIN(len, ZSTR_LEN(s)) + 1);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:194:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), ZSTR_LEN(s) + 1);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:217:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), len + 1);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:238:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), MIN((n * m) + l, ZSTR_LEN(s)) + 1);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:1072:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:1073:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_document_field_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:1074:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_input_document_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:1075:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_client_object_handlers, &solr_input_document_object_handlers, sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:1076:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_collapse_function_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:316:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long int host_port = atol(Z_STRVAL_PP(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:342:20: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout_value = atol(Z_STRVAL_PP(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:409:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
proxy_port_value = atol(Z_STRVAL_PP(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:733:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:887:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c:539:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c:1356:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_input_document.c:118:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_params.c:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buffer[32]; /* This should be enough to hold any value */
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_client.c:590:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
exceptionData->code = atoi((const char *)nodeCurser->children->content);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_document.c:325:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[256]; /* Scratch pad for converting numeric values to strings */
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_document.c:380:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_boost_value_buffer[256];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_params.c:762:26: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long int return_value = atol(current_ptr->contents.normal.str);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_macros.h:78:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
#define solr_xml_get_node_contents_int(solrXmlNode) atoi((char *)solr_xml_get_node_contents(solrXmlNode))
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:65:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, src, length);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:109:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[SOLR_STRING_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:121:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:135:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[SOLR_STRING_UNSIGNED_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:147:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_types.h:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[CURL_ERROR_SIZE + 1]; /* Stores the error message */
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:1071:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:1072:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_document_field_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:1073:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_input_document_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:1074:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_client_object_handlers, &solr_input_document_object_handlers, sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:1075:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_collapse_function_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:319:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long int host_port = atol(Z_STRVAL_P(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:341:20: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout_value = atol(Z_STRVAL_P(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:404:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
proxy_port_value = atol(Z_STRVAL_P(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:712:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:863:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_params.c:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buffer[32]; /* This should be enough to hold any value */
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_client.c:590:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
exceptionData->code = atoi((const char *)nodeCurser->children->content);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_document.c:413:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[256]; /* Scratch pad for converting numeric values to strings */
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_document.c:466:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_boost_value_buffer[256];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_params.c:750:26: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long int return_value = atol(current_ptr->contents.normal.str);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_macros.h:84:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
#define solr_xml_get_node_contents_int(solrXmlNode) atoi((char *)solr_xml_get_node_contents(solrXmlNode))
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:65:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, src, length);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:109:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[SOLR_STRING_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:121:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:135:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[SOLR_STRING_UNSIGNED_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:147:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_types.h:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[CURL_ERROR_SIZE + 1]; /* Stores the error message */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/misc.h:69:28: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define memmove(a, b, c) bcopy(b, a, c)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:40:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[1];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:135:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ZSTR_VAL(ret), str, len);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:171:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), MIN(len, ZSTR_LEN(s)) + 1);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:194:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), ZSTR_LEN(s) + 1);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:217:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), len + 1);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:238:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), MIN((n * m) + l, ZSTR_LEN(s)) + 1);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1115:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_document_field_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1117:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_input_document_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1118:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_client_object_handlers, &solr_input_document_object_handlers, sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1119:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_collapse_function_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1120:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_extract_request_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:314:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long int host_port = atol(Z_STRVAL_PP(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:340:20: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout_value = atol(Z_STRVAL_PP(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:407:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
proxy_port_value = atol(Z_STRVAL_PP(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:731:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:885:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c:537:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c:1354:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_input_document.c:116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_input_document.c:418:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version_str[80];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_input_document.c:465:21: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
RETURN_LONG(atol(field->head->field_value));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_params.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buffer[32]; /* This should be enough to hold any value */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_client.c:667:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
exceptionData->code = atoi((const char *)nodeCurser->children->content);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_document.c:326:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[256]; /* Scratch pad for converting numeric values to strings */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_document.c:408:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_boost_value_buffer[256];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_params.c:771:26: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long int return_value = atol(current_ptr->contents.normal.str);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_macros.h:79:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
#define solr_xml_get_node_contents_int(solrXmlNode) atoi((char *)solr_xml_get_node_contents(solrXmlNode))
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:63:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, src, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:107:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[SOLR_STRING_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:119:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:133:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[SOLR_STRING_UNSIGNED_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:145:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_types.h:164:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[CURL_ERROR_SIZE + 1]; /* Stores the error message */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1112:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1113:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_document_field_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1114:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_input_document_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1115:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_client_object_handlers, &solr_input_document_object_handlers, sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1116:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_collapse_function_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1117:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&solr_extract_request_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:315:24: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long int host_port = atol(Z_STRVAL_P(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:337:20: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timeout_value = atol(Z_STRVAL_P(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:400:23: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
proxy_port_value = atol(Z_STRVAL_P(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:708:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:859:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_input_document.c:321:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version_str[80];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_input_document.c:372:21: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
RETURN_LONG(atol(field->head->field_value));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_params.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_buffer[32]; /* This should be enough to hold any value */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_client.c:667:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
exceptionData->code = atoi((const char *)nodeCurser->children->content);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_document.c:413:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[256]; /* Scratch pad for converting numeric values to strings */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_document.c:494:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_boost_value_buffer[256];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_params.c:758:26: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long int return_value = atol(current_ptr->contents.normal.str);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_macros.h:90:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
#define solr_xml_get_node_contents_int(solrXmlNode) atoi((char *)solr_xml_get_node_contents(solrXmlNode))
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:63:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, src, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:107:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[SOLR_STRING_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:119:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:133:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
auto char tmp_buffer[SOLR_STRING_UNSIGNED_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:145:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_types.h:164:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[CURL_ERROR_SIZE + 1]; /* Stores the error message */
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_collapse_function.c:51:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_function_dest->name_length = strlen("collapse");
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:124:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int deftype_param_name_len = strlen("defType"), deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:124:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int deftype_param_name_len = strlen("defType"), deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:151:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:151:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:175:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:175:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:969:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pname_len = strlen(pname);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c:280:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (zend_hash_add(document_fields, field_name, strlen(field_name), (void *) &field_values, sizeof(solr_field_list_t *), (void **) NULL) == FAILURE) {
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c:327:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sdoc = (char *)php_base64_decode((const unsigned char*)hash, strlen((char *)hash), &hash_len);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c:333:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_end = (unsigned char *) (sdoc_copy + strlen((const char *)sdoc_copy));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_query.c:1810:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pval_len = strlen(pval);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_helpers.c:588:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_helpers.c:592:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_helpers.c:992:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_helpers.c:994:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_params.c:1028:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_params.c:1049:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:115:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:141:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.h:102:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define solr_strlen strlen
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:31:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_str = zend_string_init(key, strlen (key), 0);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_collapse_function.c:49:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_function_dest->name_length = strlen("collapse");
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:123:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T deftype_param_name_len = strlen("defType"),
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:124:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:151:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:151:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:175:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:175:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:969:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T pname_len = strlen(pname);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_document.c:275:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
field_str = zend_string_init(field_name, strlen(field_name), SOLR_DOCUMENT_FIELD_PERSISTENT);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_document.c:325:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sdoc_str = (zend_string *)php_base64_decode((const unsigned char*)hash, strlen((char *)hash));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_document.c:329:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_end = (unsigned char *) (sdoc_copy + strlen((const char *)sdoc_copy));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_query.c:1709:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pval_len = strlen(pval);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c:578:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c:582:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c:966:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c:968:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c:1395:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
zend_string *regex_str = zend_string_init(search, strlen(search), 0);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_params.c:991:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_params.c:1012:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:115:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:141:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.h:102:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define solr_strlen strlen
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_collapse_function.c:51:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_function_dest->name_length = strlen("collapse");
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:124:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int deftype_param_name_len = strlen("defType"), deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:124:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int deftype_param_name_len = strlen("defType"), deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:151:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:151:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:175:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:175:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:969:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pname_len = strlen(pname);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c:278:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (zend_hash_add(document_fields, field_name, strlen(field_name), (void *) &field_values, sizeof(solr_field_list_t *), (void **) NULL) == FAILURE) {
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c:325:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sdoc = (char *)php_base64_decode((const unsigned char*)hash, strlen((char *)hash), &hash_len);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c:331:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_end = (unsigned char *) (sdoc_copy + strlen((const char *)sdoc_copy));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_query.c:1808:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pval_len = strlen(pval);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_helpers.c:626:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_helpers.c:630:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_helpers.c:1030:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_helpers.c:1032:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_params.c:1037:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_params.c:1058:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:113:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:139:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.h:100:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define solr_strlen strlen
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:30:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
key_str = zend_string_init(key, strlen (key), 0);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_collapse_function.c:49:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_function_dest->name_length = strlen("collapse");
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:123:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T deftype_param_name_len = strlen("defType"),
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:124:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:151:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:151:77: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:175:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:175:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:969:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
COMPAT_ARG_SIZE_T pname_len = strlen(pname);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_document.c:273:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
field_str = zend_string_init(field_name, strlen(field_name), SOLR_DOCUMENT_FIELD_PERSISTENT);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_document.c:323:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sdoc_str = (zend_string *)php_base64_decode((const unsigned char*)hash, strlen((char *)hash));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_document.c:327:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_end = (unsigned char *) (sdoc_copy + strlen((const char *)sdoc_copy));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_query.c:1707:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pval_len = strlen(pval);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:615:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:619:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:1003:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:1005:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:1435:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
zend_string *regex_str = zend_string_init(search, strlen(search), 0);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:1438:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
zend_string *replace_str = zend_string_init(replace, strlen(replace), 0);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_params.c:999:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_params.c:1020:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:113:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:139:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.h:100:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define solr_strlen strlen
ANALYSIS SUMMARY:
Hits = 219
Lines analyzed = 90463 in approximately 1.98 seconds (45771 lines/second)
Physical Source Lines of Code (SLOC) = 54498
Hits@level = [0] 58 [1] 89 [2] 114 [3] 0 [4] 16 [5] 0
Hits@level+ = [0+] 277 [1+] 219 [2+] 130 [3+] 16 [4+] 16 [5+] 0
Hits/KSLOC@level+ = [0+] 5.08276 [1+] 4.0185 [2+] 2.38541 [3+] 0.293589 [4+] 0.293589 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.