Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/compat.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/misc.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_hash.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_api.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_bc_macros.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_collapse_function.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_exception.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_input_document.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_object.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_params.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_query.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_response.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_utils.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_version.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_constants.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_client.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_debug.c Examining 
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_document.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_helpers.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_params.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_response.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_macros.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_types.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_api.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_bc_macros.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_collapse_function.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_document.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_exception.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_input_document.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_object.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_params.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_query.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_response.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_utils.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_version.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_constants.h Examining 
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_client.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_debug.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_document.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_params.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_response.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_macros.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.h Examining data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_types.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/compat.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/misc.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_hash.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_api.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_bc_macros.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_collapse_function.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_exception.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_extract.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_input_document.c Examining 
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_object.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_params.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_query.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_response.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_utils.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_version.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_constants.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_client.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_debug.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_document.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_helpers.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_params.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_response.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_macros.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_types.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_api.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_bc_macros.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_collapse_function.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_document.c Examining 
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_exception.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_extract.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_input_document.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_object.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_params.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_query.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_response.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_utils.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_version.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_constants.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_client.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_debug.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_document.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_params.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_response.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_macros.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.h Examining data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_types.h FINAL RESULTS: data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:656:21: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. PHP_ME(SolrClient, system, SolrClient_info_args, ZEND_ACC_PUBLIC) data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.h:266:24: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). 
try using a library call that implements the same functionality if available. PHP_METHOD(SolrClient, system); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:1842:24: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. PHP_METHOD(SolrClient, system) data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_debug.c:31:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf(format,args); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:655:21: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. PHP_ME(SolrClient, system, SolrClient_info_args, ZEND_ACC_PUBLIC) data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.h:269:24: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. PHP_METHOD(SolrClient, system); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:1755:24: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. PHP_METHOD(SolrClient, system) data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_debug.c:31:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf(format,args); data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:686:21: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. 
PHP_ME(SolrClient, system, SolrClient_info_args, ZEND_ACC_PUBLIC) data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.h:281:24: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. PHP_METHOD(SolrClient, system); data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:1898:24: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. PHP_METHOD(SolrClient, system) data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_debug.c:29:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vprintf(format,args); data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:685:21: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. PHP_ME(SolrClient, system, SolrClient_info_args, ZEND_ACC_PUBLIC) data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.h:281:24: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. PHP_METHOD(SolrClient, system); data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:1817:24: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. PHP_METHOD(SolrClient, system) data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_debug.c:29:2: [4] (format) vprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. 
vprintf(format,args); data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/misc.h:69:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define memmove(a, b, c) bcopy(b, a, c) data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:40:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[1]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:135:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ZSTR_VAL(ret), str, len); data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:171:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), MIN(len, ZSTR_LEN(s)) + 1); data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:194:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), ZSTR_LEN(s) + 1); data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:217:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), len + 1); data/php-solr-2.5.0+2.4.0/solr-2.4.0/pecl-compat/src/zend_string.h:238:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), MIN((n * m) + l, ZSTR_LEN(s)) + 1); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:1072:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&solr_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:1073:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&solr_document_field_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:1074:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&solr_input_document_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:1075:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&solr_client_object_handlers, &solr_input_document_object_handlers, sizeof(zend_object_handlers)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr.c:1076:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&solr_collapse_function_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:316:24: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). long int host_port = atol(Z_STRVAL_PP(tmp1)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:342:20: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). timeout_value = atol(Z_STRVAL_PP(tmp1)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:409:23: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). proxy_port_value = atol(Z_STRVAL_PP(tmp1)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:733:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. auto char commitWithinBuffer[32]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_client.c:887:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. auto char commitWithinBuffer[32]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c:539:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c:1356:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_input_document.c:118:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_params.c:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_buffer[32]; /* This should be enough to hold any value */ data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_client.c:590:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). exceptionData->code = atoi((const char *)nodeCurser->children->content); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_document.c:325:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
auto char tmp_buffer[256]; /* Scratch pad for converting numeric values to strings */ data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_document.c:380:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. auto char tmp_boost_value_buffer[256]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_params.c:762:26: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). long int return_value = atol(current_ptr->contents.normal.str); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_macros.h:78:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define solr_xml_get_node_contents_int(solrXmlNode) atoi((char *)solr_xml_get_node_contents(solrXmlNode)) data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:65:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->str + dest->len, src, length); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:109:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
auto char tmp_buffer[SOLR_STRING_LONG_BUFFER_SIZE]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:121:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->str + dest->len, tmp_buffer, length); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:135:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. auto char tmp_buffer[SOLR_STRING_UNSIGNED_LONG_BUFFER_SIZE]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:147:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->str + dest->len, tmp_buffer, length); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_types.h:140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[CURL_ERROR_SIZE + 1]; /* Stores the error message */ data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:1071:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&solr_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:1072:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&solr_document_field_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:1073:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&solr_input_document_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:1074:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&solr_client_object_handlers, &solr_input_document_object_handlers, sizeof(zend_object_handlers)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr.c:1075:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&solr_collapse_function_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:319:24: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). long int host_port = atol(Z_STRVAL_P(tmp1)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:341:20: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
timeout_value = atol(Z_STRVAL_P(tmp1)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:404:23: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). proxy_port_value = atol(Z_STRVAL_P(tmp1)); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:712:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. auto char commitWithinBuffer[32]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:863:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. auto char commitWithinBuffer[32]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_params.c:28:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_buffer[32]; /* This should be enough to hold any value */ data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_client.c:590:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
exceptionData->code = atoi((const char *)nodeCurser->children->content); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_document.c:413:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. auto char tmp_buffer[256]; /* Scratch pad for converting numeric values to strings */ data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_document.c:466:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. auto char tmp_boost_value_buffer[256]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_params.c:750:26: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). long int return_value = atol(current_ptr->contents.normal.str); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_macros.h:84:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define solr_xml_get_node_contents_int(solrXmlNode) atoi((char *)solr_xml_get_node_contents(solrXmlNode)) data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:65:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(dest->str + dest->len, src, length); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:109:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. auto char tmp_buffer[SOLR_STRING_LONG_BUFFER_SIZE]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:121:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->str + dest->len, tmp_buffer, length); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:135:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. auto char tmp_buffer[SOLR_STRING_UNSIGNED_LONG_BUFFER_SIZE]; data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:147:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->str + dest->len, tmp_buffer, length); data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_types.h:140:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[CURL_ERROR_SIZE + 1]; /* Stores the error message */ data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/misc.h:69:28: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). 
  Make sure destination can always hold the source data.
  # define memmove(a, b, c) bcopy(b, a, c)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:40:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char val[1];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:135:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ZSTR_VAL(ret), str, len);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:171:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), MIN(len, ZSTR_LEN(s)) + 1);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:194:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), ZSTR_LEN(s) + 1);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:217:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), len + 1);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/pecl-compat/src/zend_string.h:238:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ZSTR_VAL(ret), ZSTR_VAL(s), MIN((n * m) + l, ZSTR_LEN(s)) + 1);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1115:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&solr_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1116:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_document_field_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1117:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_input_document_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1118:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_client_object_handlers, &solr_input_document_object_handlers, sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1119:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_collapse_function_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr.c:1120:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_extract_request_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:314:24: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  long int host_port = atol(Z_STRVAL_PP(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:340:20: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  timeout_value = atol(Z_STRVAL_PP(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:407:23: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  proxy_port_value = atol(Z_STRVAL_PP(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:731:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_client.c:885:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c:537:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c:1354:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_input_document.c:116:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_doc_entry, old_doc_entry, sizeof(solr_document_t));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_input_document.c:418:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version_str[80];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_input_document.c:465:21: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  RETURN_LONG(atol(field->head->field_value));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_params.c:26:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp_buffer[32]; /* This should be enough to hold any value */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_client.c:667:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  exceptionData->code = atoi((const char *)nodeCurser->children->content);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_document.c:326:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char tmp_buffer[256]; /* Scratch pad for converting numeric values to strings */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_document.c:408:22: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char tmp_boost_value_buffer[256];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_params.c:771:26: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  long int return_value = atol(current_ptr->contents.normal.str);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_macros.h:79:53: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  #define solr_xml_get_node_contents_int(solrXmlNode) atoi((char *)solr_xml_get_node_contents(solrXmlNode))
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:63:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->str + dest->len, src, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:107:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char tmp_buffer[SOLR_STRING_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:119:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:133:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char tmp_buffer[SOLR_STRING_UNSIGNED_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:145:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_types.h:164:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[CURL_ERROR_SIZE + 1]; /* Stores the error message */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1112:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1113:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_document_field_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1114:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_input_document_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1115:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_client_object_handlers, &solr_input_document_object_handlers, sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1116:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_collapse_function_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr.c:1117:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&solr_extract_request_object_handlers, zend_get_std_object_handlers(), sizeof(zend_object_handlers));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:315:24: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  long int host_port = atol(Z_STRVAL_P(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:337:20: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  timeout_value = atol(Z_STRVAL_P(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:400:23: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  proxy_port_value = atol(Z_STRVAL_P(tmp1));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:708:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:859:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char commitWithinBuffer[32];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_input_document.c:321:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char version_str[80];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_input_document.c:372:21: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  RETURN_LONG(atol(field->head->field_value));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_params.c:26:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp_buffer[32]; /* This should be enough to hold any value */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_client.c:667:39: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  exceptionData->code = atoi((const char *)nodeCurser->children->content);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_document.c:413:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char tmp_buffer[256]; /* Scratch pad for converting numeric values to strings */
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_document.c:494:22: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char tmp_boost_value_buffer[256];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_params.c:758:26: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  long int return_value = atol(current_ptr->contents.normal.str);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_macros.h:90:53: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  #define solr_xml_get_node_contents_int(solrXmlNode) atoi((char *)solr_xml_get_node_contents(solrXmlNode))
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:63:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->str + dest->len, src, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:107:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char tmp_buffer[SOLR_STRING_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:119:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:133:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char tmp_buffer[SOLR_STRING_UNSIGNED_LONG_BUFFER_SIZE];
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:145:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->str + dest->len, tmp_buffer, length);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_types.h:164:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[CURL_ERROR_SIZE + 1]; /* Stores the error message */
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_collapse_function.c:51:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_function_dest->name_length = strlen("collapse");
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:124:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int deftype_param_name_len = strlen("defType"), deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:124:79: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int deftype_param_name_len = strlen("defType"), deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:151:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:151:63: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:175:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:175:58: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_dismax_query.c:969:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int pname_len = strlen(pname);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c:280:49: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (zend_hash_add(document_fields, field_name, strlen(field_name), (void *) &field_values, sizeof(solr_field_list_t *), (void **) NULL) == FAILURE) {
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c:327:74: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sdoc = (char *)php_base64_decode((const unsigned char*)hash, strlen((char *)hash), &hash_len);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_document.c:333:54: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str_end = (unsigned char *) (sdoc_copy + strlen((const char *)sdoc_copy));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/php_solr_query.c:1810:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pval_len = strlen(pval);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_helpers.c:588:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_helpers.c:592:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_helpers.c:992:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_helpers.c:994:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_params.c:1028:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_functions_params.c:1049:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:115:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.c:141:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php5/solr_string.h:102:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define solr_strlen strlen
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_client.c:31:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  key_str = zend_string_init(key, strlen (key), 0);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_collapse_function.c:49:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_function_dest->name_length = strlen("collapse");
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:123:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T deftype_param_name_len = strlen("defType"),
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:124:39: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:151:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:151:77: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:175:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:175:72: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_dismax_query.c:969:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T pname_len = strlen(pname);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_document.c:275:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  field_str = zend_string_init(field_name, strlen(field_name), SOLR_DOCUMENT_FIELD_PERSISTENT);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_document.c:325:85: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sdoc_str = (zend_string *)php_base64_decode((const unsigned char*)hash, strlen((char *)hash));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_document.c:329:54: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str_end = (unsigned char *) (sdoc_copy + strlen((const char *)sdoc_copy));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/php_solr_query.c:1709:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pval_len = strlen(pval);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c:578:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c:582:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c:966:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c:968:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_helpers.c:1395:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_string *regex_str = zend_string_init(search, strlen(search), 0);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_params.c:991:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_functions_params.c:1012:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:115:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.c:141:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.4.0/src/php7/solr_string.h:102:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define solr_strlen strlen
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_collapse_function.c:51:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_function_dest->name_length = strlen("collapse");
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:124:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int deftype_param_name_len = strlen("defType"), deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:124:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int deftype_param_name_len = strlen("defType"), deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:151:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:151:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:175:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:175:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_dismax_query.c:969:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int pname_len = strlen(pname);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c:278:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (zend_hash_add(document_fields, field_name, strlen(field_name), (void *) &field_values, sizeof(solr_field_list_t *), (void **) NULL) == FAILURE) {
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c:325:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sdoc = (char *)php_base64_decode((const unsigned char*)hash, strlen((char *)hash), &hash_len);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_document.c:331:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str_end = (unsigned char *) (sdoc_copy + strlen((const char *)sdoc_copy));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/php_solr_query.c:1808:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pval_len = strlen(pval);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_helpers.c:626:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_helpers.c:630:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_helpers.c:1030:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_helpers.c:1032:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_params.c:1037:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_functions_params.c:1058:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:113:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.c:139:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php5/solr_string.h:100:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define solr_strlen strlen
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_client.c:30:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  key_str = zend_string_init(key, strlen (key), 0);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_collapse_function.c:49:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_function_dest->name_length = strlen("collapse");
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:123:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T deftype_param_name_len = strlen("defType"),
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:124:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  deftype_param_value_len = strlen(SOLR_DISMAX_DEFAULT_PARSER);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:151:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:151:77: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T param_name_len = strlen("defType"), param_value_len = strlen("dismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:175:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:175:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T pname_len = strlen("defType"), param_value_len = strlen("edismax"), result=1;
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_dismax_query.c:969:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  COMPAT_ARG_SIZE_T pname_len = strlen(pname);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_document.c:273:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  field_str = zend_string_init(field_name, strlen(field_name), SOLR_DOCUMENT_FIELD_PERSISTENT);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_document.c:323:85: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sdoc_str = (zend_string *)php_base64_decode((const unsigned char*)hash, strlen((char *)hash));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_document.c:327:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str_end = (unsigned char *) (sdoc_copy + strlen((const char *)sdoc_copy));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/php_solr_query.c:1707:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pval_len = strlen(pval);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:615:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:619:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:1003:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_append_long(buffer, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:1005:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  solr_string_appends(buffer, object_name, strlen(object_name));
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:1435:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_string *regex_str = zend_string_init(search, strlen(search), 0);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_helpers.c:1438:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  zend_string *replace_str = zend_string_init(replace, strlen(replace), 0);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_params.c:999:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_functions_params.c:1020:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(current_ptr->contents.arg_list.delimiter_override) > 0)
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:113:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.c:139:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(tmp_buffer);
data/php-solr-2.5.0+2.4.0/solr-2.5.0/src/php7/solr_string.h:100:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  #define solr_strlen strlen

ANALYSIS SUMMARY:

Hits = 219
Lines analyzed = 90463 in approximately 1.98 seconds (45771 lines/second)
Physical Source Lines of Code (SLOC) = 54498
Hits@level = [0] 58 [1] 89 [2] 114 [3] 0 [4] 16 [5] 0
Hits@level+ = [0+] 277 [1+] 219 [2+] 130 [3+] 16 [4+] 16 [5+] 0
Hits/KSLOC@level+ = [0+] 5.08276 [1+] 4.0185 [2+] 2.38541 [3+] 0.293589 [4+] 0.293589 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.