Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/qsopt-ex-2.5.10.3/esolver/esolver.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/QSopt_ex.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/QSopt_ex_version.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/QSopt_ex_version.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/allocrus.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/allocrus.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/basicdefs.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/basis.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/basis.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/bgetopt.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/bgetopt.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/binary.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/binary.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/dheaps_i.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/dheaps_i.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/dstruct.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/dstruct.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/editor.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_elist.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_exact.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_exutil.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_exutil.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.dbl.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpq.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_macros.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_macros.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_mem.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_memslab.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_memslab.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_nummacros.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_numutil.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_numutil.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/eg_timer.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/exact.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/exact.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/except.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/except.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/factor.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/factor.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/fct.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/fct.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/format.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/format.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lib.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/logging-private.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/logging.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/logging.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lp.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lpdata.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lpdata.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/lpdefs.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/mps.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/names.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/names.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/price.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/price.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/priority.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/priority.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/qs_config.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/qstruct.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/ratio.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/ratio.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/reader.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/reader.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/readline.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/readline.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/reporter.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/reporter.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus_common.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus_common.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/stddefs.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/trace.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/urandom.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/urandom.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/util.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/util.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.h
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/zeit.c
Examining data/qsopt-ex-2.5.10.3/qsopt_ex/zeit.h
Examining data/qsopt-ex-2.5.10.3/tests/eg_lpnum_ex.c
Examining data/qsopt-ex-2.5.10.3/tests/eg_sloan.c
Examining data/qsopt-ex-2.5.10.3/tests/eg_sloan.h
Examining data/qsopt-ex-2.5.10.3/tests/ftest.c
Examining data/qsopt-ex-2.5.10.3/tests/ftest.h
Examining data/qsopt-ex-2.5.10.3/tests/solver.c
Examining data/qsopt-ex-2.5.10.3/tests/solver.h
Examining data/qsopt-ex-2.5.10.3/tests/test_qs.c

FINAL RESULTS:

data/qsopt-ex-2.5.10.3/esolver/esolver.c:355:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (out_f_name, "%s", solname);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:464:2: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(buf,EGio_BUFSIZE,format,va);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:107:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(__out+__lo+2,"%s",__lpstr__+__lo);\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_timer.h:84:13: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  #error Your system does not have (or the configure script could not find)\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_timer.h:86:71: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  timing functions. Without them this library will not compile in this system
data/qsopt-ex-2.5.10.3/qsopt_ex/format.c:63:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (error->desc, desc);
data/qsopt-ex-2.5.10.3/qsopt_ex/format.c:70:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (error->theLine, theLine);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:2873:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ((*names)[i], qslp->rownames[rowlist[i]]);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3078:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ((*names)[i], qslp->colnames[collist[i]]);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3374:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (rownames[i], qslp->rownames[i]);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3470:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (colnames[i], qslp->colnames[i]);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:4234:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (buf, name);
data/qsopt-ex-2.5.10.3/qsopt_ex/logging.c:46:10: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int n = vsnprintf(NULL, 0, format, args2);
data/qsopt-ex-2.5.10.3/qsopt_ex/logging.c:60:6: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  n = vsnprintf(buffer, n+1, format, args);
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:636:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (buf, old_name);
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:972:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (objname, name);
data/qsopt-ex-2.5.10.3/qsopt_ex/lpdata.c:715:9: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  rval = vsprintf (buffer, format, argptr);
data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c:794:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (bndtype, state->field);
data/qsopt-ex-2.5.10.3/qsopt_ex/names.c:81:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ((*names)[i], buf);
data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c:976:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (info->colnames[ncols], colnames[j]);
data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c:1004:6: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (info->colnames[ncols], buf);
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:597:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (p->name, name);
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:609:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (p->qslp->probname, p->name);
data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.c:1713:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf (error_desc, format, args);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:121:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (state->line, state->realline);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:194:6: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf (state->p, "%s", state->field) != EOF)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:644:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf (error_desc, format, args);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:116:9: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf (state->p, "%s", state->key) == 1)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:123:10: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf (state->p, "%s", state->field) == 1)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:144:8: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf (state->p, "%s", state->field) < 1)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:188:7: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf (state->p, "%s", state->field) == 1)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:471:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf (error_desc, format, args);
data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:879:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (buffer, "starting EGLPNUM_TYPENAME_ILLsimplex on %s...", lp->O->probname);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:625:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (h->namelist + h->strsize, s);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:670:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (new_var, prefix);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:703:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (prefix, "%s", try_prefix[0]);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:710:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (new, "%s_%d", new_pre, i);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:717:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (name, new);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:827:12: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  nwords = sscanf (line, "%s%s%s", cmd, symbol, str);
data/qsopt-ex-2.5.10.3/qsopt_ex/util.c:279:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cpy, str);
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:74:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (line->p, "%s", str);
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:155:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (line->p, "%s%n", numstr, &len);
data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:66:14: [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt (argc, argv, "a:b:c:e:s:d:o:t:")) != EOF)
data/qsopt-ex-2.5.10.3/esolver/esolver.c:96:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[4096],*argv[128];
data/qsopt-ex-2.5.10.3/esolver/esolver.c:203:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  precision = atoi (boptarg);
data/qsopt-ex-2.5.10.3/esolver/esolver.c:207:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dstrategy = atoi (boptarg);
data/qsopt-ex-2.5.10.3/esolver/esolver.c:218:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pstrategy = atoi (boptarg);
data/qsopt-ex-2.5.10.3/esolver/esolver.c:353:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char out_f_name[1024];
data/qsopt-ex-2.5.10.3/qsopt_ex/allocrus.c:117:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char space[ILL_BIGCHUNK];
data/qsopt-ex-2.5.10.3/qsopt_ex/bgetopt.c:75:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char bwarn[2];
data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c:82:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char *commands[NCOMMAND + 1];
data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c:83:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char hasSubCmd[NCOMMAND + 1];
data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c:447:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c:553:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sense[1];
data/qsopt-ex-2.5.10.3/qsopt_ex/editor.c:610:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *name[1];
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:65:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char __EGiobuff[256] =
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:144:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char __EGiobuff[256] =
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:315:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *param = atoi(argv[1]);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:343:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *param = atoi(argv[1]);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:415:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *param = atoi(argv[0]);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:428:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[EGio_BUFSIZE];
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:460:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[EGio_BUFSIZE];
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:486:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char lmode[8];
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:510:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file->file = fopen(path,lmode);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.h:67:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE*__EGsFILE = fopen(__EGsfile,__EGsmode);\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.c:205:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rptr,ptr,msz);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.c:223:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rptr,ptr,msz);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.c:325:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char mc[5][3] = {"b ","Kb","Mb","Gb","Tb"};
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.dbl.h:336:46: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define dbl_EGlpNumCopyArray(dest,orig,size) memcpy(dest,orig,sizeof(double)*(size))
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:87:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char __lpstr__[4096];\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:101:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char __lpstr__[4096];\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:105:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if(__lo) sprintf(__out,"-0.");\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:106:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  else sprintf(__out,"0.");\
data/qsopt-ex-2.5.10.3/qsopt_ex/exact.c:777:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char stmp[1024];
data/qsopt-ex-2.5.10.3/qsopt_ex/exact.c:934:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char __sp[81] =
data/qsopt-ex-2.5.10.3/qsopt_ex/factor.c:2781:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fnambuf[40];
data/qsopt-ex-2.5.10.3/qsopt_ex/factor.c:2796:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (fnambuf, "prob.mat.%d.gz", fsavecnt);
data/qsopt-ex-2.5.10.3/qsopt_ex/factor.c:2798:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (fnambuf, "prob.mat.%d.bz2", fsavecnt);
data/qsopt-ex-2.5.10.3/qsopt_ex/factor.c:2800:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (fnambuf, "prob.mat.%d", fsavecnt);
data/qsopt-ex-2.5.10.3/qsopt_ex/format.h:108:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char has_error[QS_INPUT_NERROR];
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:1169:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:2121:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:4209:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *name,
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:4211:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ILL_namebufsize])
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.h:127:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *name,
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.h:129:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ILL_namebufsize]);
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:608:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[ILL_namebufsize];
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:609:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char p1[2], p2[3];
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:639:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buf, "%d", i);
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:647:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (buf, "%d", i);
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:722:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
const char *bnds[3], *integer[3], *end[2]; data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:936:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objname[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:967:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (objname, "obj"); data/qsopt-ex-2.5.10.3/qsopt_ex/lpdata.c:712:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c:72:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *EGLPNUM_TYPENAME_ILLmps_section_name[ILL_MPS_N_SECTIONS + 2] = { data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c:780:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bndtype[3]; data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c:1110:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/mps.c:1125:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (buf, "obj"); data/qsopt-ex-2.5.10.3/qsopt_ex/mps.h:36:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern const char *EGLPNUM_TYPENAME_ILLmps_section_name[ILL_MPS_N_SECTIONS + 2]; data/qsopt-ex-2.5.10.3/qsopt_ex/names.c:77:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%c%d", prefix, i); data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c:994:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "s%d", i); data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:603:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (p->name, "noname"); data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:707:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:774:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (buf, "obj"); data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:1016:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vsense[1]; data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:1017:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *vnames[1]; data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:1084:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vsense[1]; data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:1085:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *vnames[1]; data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:1460:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char vsenselist[1]; data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.c:851:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uname2[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.c:1711:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_desc[256]; data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:635:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_desc[256]; data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:724:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char field[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.h:54:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char realline[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.h:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.h:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char field[ILL_namebufsize + 1]; data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:455:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_desc[256]; data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.h:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.h:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.h:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char field[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/reader.c:115:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen (fname, "r"); data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:873:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[256]; data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:1349:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char print_str[20]; data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:1364:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (print_str, "primal infeas"); data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:1376:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (print_str, "primal objval"); data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:1381:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (print_str, "dual infeas"); data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:1385:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (print_str, "dual objval"); data/qsopt-ex-2.5.10.3/qsopt_ex/simplex.c:3005:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus_common.c:126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *head[NBINS]; data/qsopt-ex-2.5.10.3/qsopt_ex/sortrus_common.c:127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char **tail[NBINS]; data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:218:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. k = look_it_up (h, (const char *) names[i]); data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:684:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *try_prefix[3]; data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:685:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:686:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new_pre[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:687:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char new[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:724:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *pref, data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:725:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uname2[ILL_namebufsize]) data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:729:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (uname2, "%d", i); data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:808:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *prefix[3]; data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:810:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[100], symbol[100], line[256], str[100]; data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:866:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi (symbol); data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:873:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi (symbol); data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:103:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char *s, data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:110:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char **names), data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:113:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *name, data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:117:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *s), data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:120:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *s), data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[ILL_namebufsize], data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:130:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char *pref, data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.h:131:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char uname[ILL_namebufsize]); data/qsopt-ex-2.5.10.3/qsopt_ex/urandom.c:156:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). m = atoi (av[1]); /* Number to discard initially */ data/qsopt-ex-2.5.10.3/qsopt_ex/urandom.c:157:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi (av[2]); /* Number to print */ data/qsopt-ex-2.5.10.3/qsopt_ex/urandom.c:158:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). seed = atoi (av[3]); /* Seed */ data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:94:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (line->p, " - "); data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:102:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf (line->p, " + "); data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:218:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (line->p, "%.0f%n", x, &k); data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:231:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (line->p, "/1%n", &k); data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.h:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ILL_namebufsize]; data/qsopt-ex-2.5.10.3/qsopt_ex/zeit.h:35:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[40]; data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:35:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strtmp[1024]; data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:71:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
s1 = atoi (optarg); data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:74:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). s2 = atoi (optarg); data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:77:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). k1 = atoi (optarg); data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:80:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). k2 = atoi (optarg); data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:83:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). use_scaling = atoi (optarg); data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:86:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). use_double = atoi (optarg); data/qsopt-ex-2.5.10.3/tests/eg_sloan.c:92:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). t = atoi (optarg); data/qsopt-ex-2.5.10.3/tests/ftest.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[4096]; data/qsopt-ex-2.5.10.3/tests/ftest.c:65:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[MAXITER]; data/qsopt-ex-2.5.10.3/tests/ftest.c:120:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dim = atoi(l_argv[0]); data/qsopt-ex-2.5.10.3/tests/ftest.c:121:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ncol = atoi(l_argv[1]); data/qsopt-ex-2.5.10.3/tests/ftest.c:122:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
nzcnt = atoi(l_argv[2]); data/qsopt-ex-2.5.10.3/tests/ftest.c:140:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). basis[i] = atoi(l_argv[i]); data/qsopt-ex-2.5.10.3/tests/ftest.c:157:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cind[nz] = atoi(l_argv[2*i+1]); data/qsopt-ex-2.5.10.3/tests/ftest.c:185:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). col[niter] = atoi(l_argv[l_par++]); data/qsopt-ex-2.5.10.3/tests/ftest.c:203:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nzcnt = atoi(l_argv[l_par++]); data/qsopt-ex-2.5.10.3/tests/ftest.c:207:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
x.indx[i] = atoi(l_argv[l_par++]); data/qsopt-ex-2.5.10.3/tests/solver.c:275:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). precision = atoi (boptarg); data/qsopt-ex-2.5.10.3/tests/solver.c:279:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dstrategy = atoi (boptarg); data/qsopt-ex-2.5.10.3/tests/solver.c:297:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pstrategy = atoi (boptarg); data/qsopt-ex-2.5.10.3/tests/test_qs.c:52:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sense[2] = { 'L', 'E' }; data/qsopt-ex-2.5.10.3/tests/test_qs.c:53:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char *colnames[3] = { "x", "y", "z" }; data/qsopt-ex-2.5.10.3/tests/test_qs.c:54:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *rownames[2] = { "c1", "c2"}; data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:63:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t clen = strlen(comment); data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:64:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t dlen = strlen(delim); data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:142:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t clen = strlen(comment); data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:143:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t dlen = strlen(delim); data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:279:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const size_t len = strlen(name)+5; data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:307:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  const size_t len = strlen(name)+5;
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:335:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t len = strlen(name)+5;
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:363:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t len = strlen(name)+5;
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:388:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t len = strlen(name)+5;
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:432:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_io.c:487:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(path);
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:91:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  __i = strlen(__lpstr__);\
data/qsopt-ex-2.5.10.3/qsopt_ex/eg_lpnum.mpf.h:103:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  __pos = strlen(__lpstr__) + ((size_t)(__lo + 2));\
data/qsopt-ex-2.5.10.3/qsopt_ex/format.c:60:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (desc);
data/qsopt-ex-2.5.10.3/qsopt_ex/format.c:67:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (theLine);
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:2870:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (qslp->rownames[rowlist[i]]) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3075:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (qslp->colnames[collist[i]]) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3371:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (qslp->rownames[i]) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/lib.c:3467:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (qslp->colnames[i]) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/lp.c:635:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen (old_name);
data/qsopt-ex-2.5.10.3/qsopt_ex/names.c:78:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (buf) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c:967:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (colnames[j]) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/presolve.c:995:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (buf) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:594:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (name) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/qsopt.c:606:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (p->name) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/rawlp.c:1714:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  slen = strlen (error_desc);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:147:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (state->realline, "\n");
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:196:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  state->p += strlen (state->field);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:274:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (state->field, state->p, (size_t) var_len);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:400:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strncasecmp (state->p, str, strlen (str)) == 0)
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:402:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  state->p += strlen (str);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:645:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  slen = strlen (error_desc);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_lp.c:777:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (field, line, (size_t) i);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:118:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  state->p += strlen (state->key);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:125:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  state->p += strlen (state->field);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:154:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  state->p += strlen (state->field);
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:190:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  state->p += strlen (state->field) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/read_mps.c:472:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  slen = strlen (error_desc);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:514:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  h->freedchars += strlen (h->namelist + h->nametable[del_ind].symbol) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:619:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen (s) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:662:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t plen = strlen (prefix);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:663:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t nlen = strlen (name);
data/qsopt-ex-2.5.10.3/qsopt_ex/symtab.c:672:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (p, name, nlen + 1);
data/qsopt-ex-2.5.10.3/qsopt_ex/util.c:276:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (str) + 1;
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:75:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen (line->p);
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:107:4: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf (line->p, " ");
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:198:3: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf (line->p, "-");
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:224:3: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf (line->p, "0");
data/qsopt-ex-2.5.10.3/qsopt_ex/write_lp.c:236:4: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf (line->p, "0");
data/qsopt-ex-2.5.10.3/qsopt_ex/zeit.c:196:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy (t->name, "ANONYMOUS", sizeof (t->name) - 1);
data/qsopt-ex-2.5.10.3/qsopt_ex/zeit.c:200:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (t->name, name, sizeof (t->name) - 1);

ANALYSIS SUMMARY:

Hits = 234
Lines analyzed = 57513 in approximately 1.33 seconds (43250 lines/second)
Physical Source Lines of Code (SLOC) = 43350
Hits@level = [0] 227 [1] 51 [2] 140 [3] 1 [4] 42 [5] 0
Hits@level+ = [0+] 461 [1+] 234 [2+] 183 [3+] 43 [4+] 42 [5+] 0
Hits/KSLOC@level+ = [0+] 10.6344 [1+] 5.39792 [2+] 4.22145 [3+] 0.991926 [4+] 0.968858 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.