Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c
Examining data/python3-stdlib-extensions-3.9.0/3.8/Modules/tkinter.h
Examining data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_gdbmmodule.c.h
Examining data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h
Examining data/python3-stdlib-extensions-3.9.0/3.8/Modules/_gdbmmodule.c
Examining data/python3-stdlib-extensions-3.9.0/3.8/Modules/tkappinit.c
Examining data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c
Examining data/python3-stdlib-extensions-3.9.0/3.10/Modules/tkinter.h
Examining data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_gdbmmodule.c.h
Examining data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h
Examining data/python3-stdlib-extensions-3.9.0/3.10/Modules/_gdbmmodule.c
Examining data/python3-stdlib-extensions-3.9.0/3.10/Modules/tkappinit.c
Examining data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c
Examining data/python3-stdlib-extensions-3.9.0/3.6/Modules/tkinter.h
Examining data/python3-stdlib-extensions-3.9.0/3.6/Modules/clinic/_gdbmmodule.c.h
Examining data/python3-stdlib-extensions-3.9.0/3.6/Modules/clinic/_tkinter.c.h
Examining data/python3-stdlib-extensions-3.9.0/3.6/Modules/_gdbmmodule.c
Examining data/python3-stdlib-extensions-3.9.0/3.6/Modules/tkappinit.c
Examining data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c
Examining data/python3-stdlib-extensions-3.9.0/3.7/Modules/tkinter.h
Examining data/python3-stdlib-extensions-3.9.0/3.7/Modules/clinic/_gdbmmodule.c.h
Examining data/python3-stdlib-extensions-3.9.0/3.7/Modules/clinic/_tkinter.c.h
Examining data/python3-stdlib-extensions-3.9.0/3.7/Modules/_gdbmmodule.c
Examining data/python3-stdlib-extensions-3.9.0/3.7/Modules/tkappinit.c
Examining data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c
Examining data/python3-stdlib-extensions-3.9.0/3.9/Modules/tkinter.h
Examining data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_gdbmmodule.c.h
Examining data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h
Examining data/python3-stdlib-extensions-3.9.0/3.9/Modules/_gdbmmodule.c
Examining data/python3-stdlib-extensions-3.9.0/3.9/Modules/tkappinit.c

FINAL RESULTS:

data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:712:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(argv0, className);
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:753:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(args, use);
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:694:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(argv0, className);
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:735:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(args, use);
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:715:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(argv0, className);
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:756:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(args, use);
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:714:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(argv0, className);
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:755:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(args, use);
data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:712:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(argv0, className);
data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:753:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(args, use);
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_gdbmmodule.c:639:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[40];
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:748:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(args, "-sync");
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:752:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(args, "-use ");
data/python3-stdlib-extensions-3.9.0/3.10/Modules/tkappinit.c:38:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tclLibPath[MAX_PATH_LEN], tkLibPath[MAX_PATH_LEN];
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_gdbmmodule.c:590:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[40];
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:730:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(args, "-sync");
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:734:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(args, "-use ");
data/python3-stdlib-extensions-3.9.0/3.6/Modules/tkappinit.c:38:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tclLibPath[MAX_PATH_LEN], tkLibPath[MAX_PATH_LEN];
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_gdbmmodule.c:585:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[40];
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:751:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(args, "-sync");
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:755:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(args, "-use ");
data/python3-stdlib-extensions-3.9.0/3.7/Modules/tkappinit.c:38:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tclLibPath[MAX_PATH_LEN], tkLibPath[MAX_PATH_LEN];
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_gdbmmodule.c:607:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[40];
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:750:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(args, "-sync");
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:754:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(args, "-use ");
data/python3-stdlib-extensions-3.9.0/3.8/Modules/tkappinit.c:38:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tclLibPath[MAX_PATH_LEN], tkLibPath[MAX_PATH_LEN];
data/python3-stdlib-extensions-3.9.0/3.9/Modules/_gdbmmodule.c:627:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[40];
data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:748:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(args, "-sync");
data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:752:13: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(args, "-use ");
data/python3-stdlib-extensions-3.9.0/3.9/Modules/tkappinit.c:38:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tclLibPath[MAX_PATH_LEN], tkLibPath[MAX_PATH_LEN];
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_gdbmmodule.c:669:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) != (size_t)PyBytes_GET_SIZE(filenamebytes)) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:428:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return unicodeFromTclStringAndSize(s, strlen(s));
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:705:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  argv0 = (char*)PyMem_Malloc(strlen(className) + 1);
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:737:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen(use) + sizeof "-use "; /* never overflows */
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:751:17: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(args, " ");
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:960:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (s != NULL && strlen(s) >= INT_MAX) { \
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:1705:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)PyBytes_GET_SIZE(in)) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:1722:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)size) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:2258:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(list) >= INT_MAX) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/_tkinter.c:2339:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(list) >= INT_MAX) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_gdbmmodule.c.h:326:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(flags) != (size_t)flags_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:31:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(script) != (size_t)script_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:67:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(fileName) != (size_t)fileName_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:103:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(script) != (size_t)script_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:139:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(msg) != (size_t)msg_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:199:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)s_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:235:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)s_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:271:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)s_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:307:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)s_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:364:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) != (size_t)name_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:401:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) != (size_t)name_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:708:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(screenName) != (size_t)screenName_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:729:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(baseName) != (size_t)baseName_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:745:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(className) != (size_t)className_length) {
data/python3-stdlib-extensions-3.9.0/3.10/Modules/clinic/_tkinter.c.h:789:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(use) != (size_t)use_length) {
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_gdbmmodule.c:620:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) != (size_t)PyBytes_GET_SIZE(filenamebytes)) {
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:420:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return unicodeFromTclStringAndSize(s, strlen(s));
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:687:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  argv0 = (char*)PyMem_Malloc(strlen(className) + 1);
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:719:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen(use) + sizeof "-use "; /* never overflows */
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:733:17: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(args, " ");
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:981:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (s != NULL && strlen(s) >= INT_MAX) { \
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:1732:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)PyBytes_GET_SIZE(in)) {
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:1749:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)size) {
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:2292:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(list) >= INT_MAX) {
data/python3-stdlib-extensions-3.9.0/3.6/Modules/_tkinter.c:2367:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(list) >= INT_MAX) {
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_gdbmmodule.c:615:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) != (size_t)PyBytes_GET_SIZE(filenamebytes)) {
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:430:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return unicodeFromTclStringAndSize(s, strlen(s));
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:708:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  argv0 = (char*)PyMem_Malloc(strlen(className) + 1);
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:740:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen(use) + sizeof "-use "; /* never overflows */
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:754:17: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(args, " ");
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:964:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (s != NULL && strlen(s) >= INT_MAX) { \
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:1709:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)PyBytes_GET_SIZE(in)) {
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:1726:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)size) {
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:2264:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(list) >= INT_MAX) {
data/python3-stdlib-extensions-3.9.0/3.7/Modules/_tkinter.c:2339:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(list) >= INT_MAX) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_gdbmmodule.c:637:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) != (size_t)PyBytes_GET_SIZE(filenamebytes)) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:430:43: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return unicodeFromTclStringAndSize(s, strlen(s));
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:707:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  argv0 = (char*)PyMem_Malloc(strlen(className) + 1);
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:739:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen(use) + sizeof "-use "; /* never overflows */
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:753:17: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(args, " ");
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:962:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (s != NULL && strlen(s) >= INT_MAX) { \
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:1707:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)PyBytes_GET_SIZE(in)) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:1724:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)size) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:2262:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(list) >= INT_MAX) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/_tkinter.c:2337:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(list) >= INT_MAX) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_gdbmmodule.c.h:279:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(flags) != (size_t)flags_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:31:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(script) != (size_t)script_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:67:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(fileName) != (size_t)fileName_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:103:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(script) != (size_t)script_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:139:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(msg) != (size_t)msg_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:199:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)s_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:235:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)s_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:271:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)s_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:307:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(s) != (size_t)s_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:364:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) != (size_t)name_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:401:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(name) != (size_t)name_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:728:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(screenName) != (size_t)screenName_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:749:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(baseName) != (size_t)baseName_length) {
data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:765:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(className) != (size_t)className_length) { data/python3-stdlib-extensions-3.9.0/3.8/Modules/clinic/_tkinter.c.h:829:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(use) != (size_t)use_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/_gdbmmodule.c:657:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) != (size_t)PyBytes_GET_SIZE(filenamebytes)) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:428:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return unicodeFromTclStringAndSize(s, strlen(s)); data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:705:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). argv0 = (char*)PyMem_Malloc(strlen(className) + 1); data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:737:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len += strlen(use) + sizeof "-use "; /* never overflows */ data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:751:17: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(args, " "); data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:960:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (s != NULL && strlen(s) >= INT_MAX) { \ data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:1705:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(s) != (size_t)PyBytes_GET_SIZE(in)) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:1722:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(s) != (size_t)size) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:2258:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(list) >= INT_MAX) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/_tkinter.c:2339:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(list) >= INT_MAX) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_gdbmmodule.c.h:279:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(flags) != (size_t)flags_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:31:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(script) != (size_t)script_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:67:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(fileName) != (size_t)fileName_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:103:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(script) != (size_t)script_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:139:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(msg) != (size_t)msg_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:199:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(s) != (size_t)s_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:235:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(s) != (size_t)s_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:271:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(s) != (size_t)s_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:307:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(s) != (size_t)s_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:364:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) != (size_t)name_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:401:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(name) != (size_t)name_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:728:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(screenName) != (size_t)screenName_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:749:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(baseName) != (size_t)baseName_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:765:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(className) != (size_t)className_length) { data/python3-stdlib-extensions-3.9.0/3.9/Modules/clinic/_tkinter.c.h:829:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(use) != (size_t)use_length) {

ANALYSIS SUMMARY:

Hits = 125
Lines analyzed = 28030 in approximately 2.23 seconds (12549 lines/second)
Physical Source Lines of Code (SLOC) = 20830
Hits@level = [0] 5 [1] 95 [2] 20 [3] 0 [4] 10 [5] 0
Hits@level+ = [0+] 130 [1+] 125 [2+] 30 [3+] 10 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 6.241 [1+] 6.00096 [2+] 1.44023 [3+] 0.480077 [4+] 0.480077 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.