Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/r-cran-rbibutils-2.0/src/url.h Examining data/r-cran-rbibutils-2.0/src/ebiin.c Examining data/r-cran-rbibutils-2.0/src/bibutils.c Examining data/r-cran-rbibutils-2.0/src/str_conv.h Examining data/r-cran-rbibutils-2.0/src/bibtexin.c Examining data/r-cran-rbibutils-2.0/src/modstypes.c Examining data/r-cran-rbibutils-2.0/src/vplist.c Examining data/r-cran-rbibutils-2.0/src/nbibin.c Examining data/r-cran-rbibutils-2.0/src/name.c Examining data/r-cran-rbibutils-2.0/src/title.c Examining data/r-cran-rbibutils-2.0/src/nbibtypes.c Examining data/r-cran-rbibutils-2.0/src/bltypes.c Examining data/r-cran-rbibutils-2.0/src/unicode.h Examining data/r-cran-rbibutils-2.0/src/isiout.c Examining data/r-cran-rbibutils-2.0/src/unicode.c Examining data/r-cran-rbibutils-2.0/src/tomods.c Examining data/r-cran-rbibutils-2.0/src/bibtextypes.c Examining data/r-cran-rbibutils-2.0/src/endtypes.c Examining data/r-cran-rbibutils-2.0/src/utf8.h Examining data/r-cran-rbibutils-2.0/src/slist.c Examining data/r-cran-rbibutils-2.0/src/fields.c Examining data/r-cran-rbibutils-2.0/src/xml_encoding.c Examining data/r-cran-rbibutils-2.0/src/adsout_journals.c Examining data/r-cran-rbibutils-2.0/src/xml2any.c Examining data/r-cran-rbibutils-2.0/src/is_ws.c Examining data/r-cran-rbibutils-2.0/src/intlist.h Examining data/r-cran-rbibutils-2.0/src/entities.c Examining data/r-cran-rbibutils-2.0/src/intlist.c Examining data/r-cran-rbibutils-2.0/src/iso639_1.h Examining data/r-cran-rbibutils-2.0/src/pages.h Examining data/r-cran-rbibutils-2.0/src/bibtexout.c Examining data/r-cran-rbibutils-2.0/src/bibprog.c Examining data/r-cran-rbibutils-2.0/src/iso639_3.c Examining data/r-cran-rbibutils-2.0/src/title.h Examining data/r-cran-rbibutils-2.0/src/notes.c Examining data/r-cran-rbibutils-2.0/src/latex.c Examining data/r-cran-rbibutils-2.0/src/notes.h Examining 
data/r-cran-rbibutils-2.0/src/gb18030.h Examining data/r-cran-rbibutils-2.0/src/str_conv.c Examining data/r-cran-rbibutils-2.0/src/wordin.c Examining data/r-cran-rbibutils-2.0/src/copactypes.c Examining data/r-cran-rbibutils-2.0/src/bibl.c Examining data/r-cran-rbibutils-2.0/src/iso639_3.h Examining data/r-cran-rbibutils-2.0/src/init.c Examining data/r-cran-rbibutils-2.0/src/type.c Examining data/r-cran-rbibutils-2.0/src/str.h Examining data/r-cran-rbibutils-2.0/src/charsets.c Examining data/r-cran-rbibutils-2.0/src/args.c Examining data/r-cran-rbibutils-2.0/src/wordout.c Examining data/r-cran-rbibutils-2.0/src/bibutils.h Examining data/r-cran-rbibutils-2.0/src/endxmlin.c Examining data/r-cran-rbibutils-2.0/src/modsout.c Examining data/r-cran-rbibutils-2.0/src/gb18030.c Examining data/r-cran-rbibutils-2.0/src/generic.c Examining data/r-cran-rbibutils-2.0/src/marc_auth.c Examining data/r-cran-rbibutils-2.0/src/bibprog.h Examining data/r-cran-rbibutils-2.0/src/nbibout.c Examining data/r-cran-rbibutils-2.0/src/entities.h Examining data/r-cran-rbibutils-2.0/src/type.h Examining data/r-cran-rbibutils-2.0/src/bibdefs.h Examining data/r-cran-rbibutils-2.0/src/strsearch.h Examining data/r-cran-rbibutils-2.0/src/endout.c Examining data/r-cran-rbibutils-2.0/src/latex_parse.h Examining data/r-cran-rbibutils-2.0/src/serialno.h Examining data/r-cran-rbibutils-2.0/src/vplist.h Examining data/r-cran-rbibutils-2.0/src/bu_auth.c Examining data/r-cran-rbibutils-2.0/src/bibcore.c Examining data/r-cran-rbibutils-2.0/src/xml.h Examining data/r-cran-rbibutils-2.0/src/serialno.c Examining data/r-cran-rbibutils-2.0/src/url.c Examining data/r-cran-rbibutils-2.0/src/xml.c Examining data/r-cran-rbibutils-2.0/src/str.c Examining data/r-cran-rbibutils-2.0/src/reftypes.c Examining data/r-cran-rbibutils-2.0/src/utf8.c Examining data/r-cran-rbibutils-2.0/src/slist.h Examining data/r-cran-rbibutils-2.0/src/tomods.h Examining data/r-cran-rbibutils-2.0/src/latex_parse.c Examining 
data/r-cran-rbibutils-2.0/src/biblatexin.c Examining data/r-cran-rbibutils-2.0/src/iso639_1.c Examining data/r-cran-rbibutils-2.0/src/generic.h Examining data/r-cran-rbibutils-2.0/src/args.h Examining data/r-cran-rbibutils-2.0/src/charsets.h Examining data/r-cran-rbibutils-2.0/src/bu_auth.h Examining data/r-cran-rbibutils-2.0/src/bibl.h Examining data/r-cran-rbibutils-2.0/src/adsout.c Examining data/r-cran-rbibutils-2.0/src/copacin.c Examining data/r-cran-rbibutils-2.0/src/biblatexout.c Examining data/r-cran-rbibutils-2.0/src/latex.h Examining data/r-cran-rbibutils-2.0/src/modstypes.h Examining data/r-cran-rbibutils-2.0/src/endin.c Examining data/r-cran-rbibutils-2.0/src/iso639_2.c Examining data/r-cran-rbibutils-2.0/src/iso639_2.h Examining data/r-cran-rbibutils-2.0/src/fields.h Examining data/r-cran-rbibutils-2.0/src/strsearch.c Examining data/r-cran-rbibutils-2.0/src/isiin.c Examining data/r-cran-rbibutils-2.0/src/bibentryout.c Examining data/r-cran-rbibutils-2.0/src/xml_encoding.h Examining data/r-cran-rbibutils-2.0/src/name.h Examining data/r-cran-rbibutils-2.0/src/marc_auth.h Examining data/r-cran-rbibutils-2.0/src/ristypes.c Examining data/r-cran-rbibutils-2.0/src/modsin.c Examining data/r-cran-rbibutils-2.0/src/bibformats.h Examining data/r-cran-rbibutils-2.0/src/risout.c Examining data/r-cran-rbibutils-2.0/src/pages.c Examining data/r-cran-rbibutils-2.0/src/is_ws.h Examining data/r-cran-rbibutils-2.0/src/isitypes.c Examining data/r-cran-rbibutils-2.0/src/risin.c Examining data/r-cran-rbibutils-2.0/src/medin.c Examining data/r-cran-rbibutils-2.0/src/any2xml.c Examining data/r-cran-rbibutils-2.0/src/reftypes.h FINAL RESULTS: data/r-cran-rbibutils-2.0/src/adsout.c:329:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( outstr, "%02d/%s", month, str_cstr( year ) ); data/r-cran-rbibutils-2.0/src/bibcore.c:929:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf( outfile,"%s.%s",(char*)fields_value(reffields,found,FIELDS_CHRP_NOUSE), suffix ); data/r-cran-rbibutils-2.0/src/bibcore.c:930:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. } else sprintf( outfile,"%ld.%s",nref, suffix ); data/r-cran-rbibutils-2.0/src/bibcore.c:938:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( outfile, "%s_%ld.%s", (char*)fields_value( reffields, found, FIELDS_CHRP_NOUSE ), count, suffix ); data/r-cran-rbibutils-2.0/src/bibcore.c:939:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. else sprintf( outfile,"%ld_%ld.%s", nref, count, suffix ); data/r-cran-rbibutils-2.0/src/bibentryout.c:643:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( date, "DATE:%s", date_element ); data/r-cran-rbibutils-2.0/src/bibentryout.c:647:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( partdate, "PARTDATE:%s", date_element ); data/r-cran-rbibutils-2.0/src/biblatexout.c:509:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( date, "DATE:%s", date_element ); data/r-cran-rbibutils-2.0/src/biblatexout.c:513:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( partdate, "PARTDATE:%s", date_element ); data/r-cran-rbibutils-2.0/src/bibtexout.c:485:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf( date, "DATE:%s", date_element ); data/r-cran-rbibutils-2.0/src/bibtexout.c:489:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf( partdate, "PARTDATE:%s", date_element ); data/r-cran-rbibutils-2.0/src/adsout.c:300:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( isdigit( (unsigned char)m[0] ) ) return atoi( m ); data/r-cran-rbibutils-2.0/src/adsout.c:323:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outstr[1000]; data/r-cran-rbibutils-2.0/src/adsout.c:340:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[6]; data/r-cran-rbibutils-2.0/src/adsout.c:343:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( buf, "%I64d", n ); data/r-cran-rbibutils-2.0/src/adsout.c:345:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( buf, "%lld", n ); data/r-cran-rbibutils-2.0/src/adsout.c:507:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char outstr[20], ch; data/r-cran-rbibutils-2.0/src/adsout.c:511:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy( outstr, "..................." ); data/r-cran-rbibutils-2.0/src/adsout.c:516:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( n!=FIELDS_NOTFOUND ) output_4digit_value( outstr, atoi( fields_value( in, n, FIELDS_CHRP ) ) ); data/r-cran-rbibutils-2.0/src/adsout.c:530:59: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ( n!=FIELDS_NOTFOUND ) output_4digit_value( outstr+9, atoi( fields_value( in, n, FIELDS_CHRP ) ) ); data/r-cran-rbibutils-2.0/src/bibcore.c:464:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]=""; data/r-cran-rbibutils-2.0/src/bibcore.c:576:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[512]; data/r-cran-rbibutils-2.0/src/bibcore.c:588:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( buf, "_%ld", i+1 ); data/r-cran-rbibutils-2.0/src/bibcore.c:603:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, buf[100]; data/r-cran-rbibutils-2.0/src/bibcore.c:637:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( buf, "ref%ld", nref ); data/r-cran-rbibutils-2.0/src/bibcore.c:914:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outfile[2048]; data/r-cran-rbibutils-2.0/src/bibcore.c:915:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char suffix[5] = "xml"; data/r-cran-rbibutils-2.0/src/bibcore.c:919:39: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
if ( mode==BIBL_ADSABSOUT ) strcpy( suffix, "ads" ); data/r-cran-rbibutils-2.0/src/bibcore.c:920:39: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if ( mode==BIBL_BIBTEXOUT ) strcpy( suffix, "bib" ); data/r-cran-rbibutils-2.0/src/bibcore.c:921:39: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if ( mode==BIBL_ENDNOTEOUT ) strcpy( suffix, "end" ); data/r-cran-rbibutils-2.0/src/bibcore.c:922:39: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if ( mode==BIBL_ISIOUT ) strcpy( suffix, "isi" ); data/r-cran-rbibutils-2.0/src/bibcore.c:923:39: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if ( mode==BIBL_MODSOUT ) strcpy( suffix, "xml" ); data/r-cran-rbibutils-2.0/src/bibcore.c:924:39: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if ( mode==BIBL_RISOUT ) strcpy( suffix, "ris" ); data/r-cran-rbibutils-2.0/src/bibcore.c:925:39: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if ( mode==BIBL_WORD2007OUT ) strcpy( suffix, "xml" ); data/r-cran-rbibutils-2.0/src/bibcore.c:932:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen( outfile, "r" ); data/r-cran-rbibutils-2.0/src/bibcore.c:940:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen( outfile, "r" ); data/r-cran-rbibutils-2.0/src/bibcore.c:942:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return fopen( outfile, "w" ); data/r-cran-rbibutils-2.0/src/bibentryout.c:172:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *typenames[ NUM_TYPES ] = { data/r-cran-rbibutils-2.0/src/bibentryout.c:197:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *typenames[ NUM_TYPES ] = { data/r-cran-rbibutils-2.0/src/bibentryout.c:640:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[100], partdate[100]; data/r-cran-rbibutils-2.0/src/bibentryout.c:657:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *months[12] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", data/r-cran-rbibutils-2.0/src/bibentryout.c:674:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi( fields_value( in, n, FIELDS_CHRP ) ); data/r-cran-rbibutils-2.0/src/biblatexout.c:170:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *typenames[ NUM_TYPES ] = { data/r-cran-rbibutils-2.0/src/biblatexout.c:506:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char date[100], partdate[100]; data/r-cran-rbibutils-2.0/src/biblatexout.c:523:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *months[12] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", data/r-cran-rbibutils-2.0/src/biblatexout.c:540:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi( fields_value( in, n, FIELDS_CHRP ) ); data/r-cran-rbibutils-2.0/src/bibprog.c:26:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(outfile[0], "w"); data/r-cran-rbibutils-2.0/src/bibprog.c:34:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen( argv[i], "r" ); data/r-cran-rbibutils-2.0/src/bibtexout.c:157:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *typenames[ NUM_TYPES ] = { data/r-cran-rbibutils-2.0/src/bibtexout.c:482:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[100], partdate[100]; data/r-cran-rbibutils-2.0/src/bibtexout.c:499:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *months[12] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun", data/r-cran-rbibutils-2.0/src/bibtexout.c:516:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi( fields_value( in, n, FIELDS_CHRP ) ); data/r-cran-rbibutils-2.0/src/charsets.c:30:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdname[15]; data/r-cran-rbibutils-2.0/src/charsets.c:31:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char descriptname[200]; data/r-cran-rbibutils-2.0/src/charsets.c:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char aliases[CHARSET_NALIASES][25]; data/r-cran-rbibutils-2.0/src/endin.c:399:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *month1[12]={ data/r-cran-rbibutils-2.0/src/endin.c:407:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *month2[12]={ data/r-cran-rbibutils-2.0/src/endin.c:425:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( out, "%d", found+1 ); data/r-cran-rbibutils-2.0/src/endin.c:427:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( out, "0%d", found+1 ); data/r-cran-rbibutils-2.0/src/endin.c:435:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *tags[3][2] = { data/r-cran-rbibutils-2.0/src/endin.c:441:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char month[10], *m; data/r-cran-rbibutils-2.0/src/endout.c:571:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *months[12] = { "January", "February", "March", "April", data/r-cran-rbibutils-2.0/src/endout.c:583:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). m = atoi( month ); data/r-cran-rbibutils-2.0/src/entities.c:17:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char html[20]; data/r-cran-rbibutils-2.0/src/gb18030.c:28:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char bytes[4]; data/r-cran-rbibutils-2.0/src/gb18030.c:30783:62: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gb18030_unicode_table_lookup( unsigned int unicode, unsigned char out[4] ) data/r-cran-rbibutils-2.0/src/gb18030.c:30825:62: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gb18030_unicode_range_lookup( unsigned int unicode, unsigned char out[4] ) data/r-cran-rbibutils-2.0/src/gb18030.c:30877:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. gb18030_encode( unsigned int unicode, unsigned char out[4] ) data/r-cran-rbibutils-2.0/src/gb18030.c:30898:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char uc[4]; data/r-cran-rbibutils-2.0/src/gb18030.c:30900:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. uc[0] = ( unsigned char ) s[i]; data/r-cran-rbibutils-2.0/src/gb18030.c:30908:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
uc[1] = ( unsigned char ) s[i+1]; data/r-cran-rbibutils-2.0/src/gb18030.c:30909:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. uc[2] = ( unsigned char ) s[i+2]; data/r-cran-rbibutils-2.0/src/gb18030.c:30910:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. uc[3]= ( unsigned char ) s[i+3]; data/r-cran-rbibutils-2.0/src/gb18030.h:12:59: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern int gb18030_encode( unsigned int unicode, unsigned char out[4] ); data/r-cran-rbibutils-2.0/src/isiin.c:81:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if ( !isupper( (unsigned char )buf[0] ) ) return 0; data/r-cran-rbibutils-2.0/src/isiin.c:82:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
if ( !( isupper( (unsigned char )buf[1] ) || isdigit( (unsigned char )buf[1] ) ) ) return 0; data/r-cran-rbibutils-2.0/src/isiin.c:82:66: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if ( !( isupper( (unsigned char )buf[1] ) || isdigit( (unsigned char )buf[1] ) ) ) return 0; data/r-cran-rbibutils-2.0/src/modsin.c:261:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *titletag[2][2] = { data/r-cran-rbibutils-2.0/src/modsout.c:391:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. find_datepos( fields *f, int level, unsigned char use_altnames, int datepos[NUM_DATE_TYPES] ) data/r-cran-rbibutils-2.0/src/modsout.c:452:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. fprintf( outptr, "%s", (char *) fields_value( f, pos[i], FIELDS_CHRP ) ); data/r-cran-rbibutils-2.0/src/modsout.c:463:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  fprintf( outptr, "%s", (char *) fields_value( f, pos[ DATE_ALL ], FIELDS_CHRP ) );

data/r-cran-rbibutils-2.0/src/modsout.c:669:27: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  fprintf( outptr, "%s", (char *) fields_value( f, parts[0].pos, FIELDS_CHRP ) );

data/r-cran-rbibutils-2.0/src/modsout.c:673:28: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  fprintf( outptr, "-%s", (char *) fields_value( f, parts[1].pos, FIELDS_CHRP ) );

data/r-cran-rbibutils-2.0/src/modsout.c:679:28: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  fprintf( outptr, "-%s", (char *) fields_value( f, parts[2].pos, FIELDS_CHRP ) );

data/r-cran-rbibutils-2.0/src/name.c:171:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char utf8s[7];

data/r-cran-rbibutils-2.0/src/reftypes.h:54:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[25];

data/r-cran-rbibutils-2.0/src/risin.c:94:27: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  if ( !isupper( (unsigned char )buf[0] ) ) return 0;

data/r-cran-rbibutils-2.0/src/risin.c:95:29: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  if ( !( isupper( (unsigned char )buf[1] ) || isdigit( (unsigned char )buf[1] ) ) ) return 0;

data/r-cran-rbibutils-2.0/src/risin.c:95:66: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  if ( !( isupper( (unsigned char )buf[1] ) || isdigit( (unsigned char )buf[1] ) ) ) return 0;

data/r-cran-rbibutils-2.0/src/risout.c:180:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *typenames[ NUM_TYPES ] = {

data/r-cran-rbibutils-2.0/src/risout.c:219:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *typenames[ NUM_TYPES ] = {

data/r-cran-rbibutils-2.0/src/risout.c:437:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *typenames[ NUM_TYPES ] = {

data/r-cran-rbibutils-2.0/src/slist.c:741:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen( filename, "r" );

data/r-cran-rbibutils-2.0/src/str.c:656:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char empty[2] = "";

data/r-cran-rbibutils-2.0/src/str_conv.c:27:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[512];

data/r-cran-rbibutils-2.0/src/str_conv.c:28:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( buf, "&#%u;", ch );

data/r-cran-rbibutils-2.0/src/str_conv.c:55:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char code[6];

data/r-cran-rbibutils-2.0/src/str_conv.c:70:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char code[4];

data/r-cran-rbibutils-2.0/src/str_conv.c:85:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[512];

data/r-cran-rbibutils-2.0/src/utf8.c:25:42: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  utf8_build( unsigned int value, unsigned char out[6], int in_pos, int out_pos )

data/r-cran-rbibutils-2.0/src/utf8.c:49:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  utf8_encode( unsigned int value, unsigned char out[6] )

data/r-cran-rbibutils-2.0/src/utf8.c:85:38: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  utf8_encode_str( unsigned int value, char outstr[7] )

data/r-cran-rbibutils-2.0/src/utf8.c:87:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char encoded[6];

data/r-cran-rbibutils-2.0/src/utf8.c:91:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  outstr[i] = ( char ) encoded[i];

data/r-cran-rbibutils-2.0/src/utf8.c:146:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char code[6];

data/r-cran-rbibutils-2.0/src/utf8.c:172:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char emdash[3] = { -30, -128, -108 };

data/r-cran-rbibutils-2.0/src/utf8.c:184:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char endash[3] = { -30, -128, -109 };

data/r-cran-rbibutils-2.0/src/utf8.h:14:56: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  int utf8_encode( unsigned int value, unsigned char out[6] );

data/r-cran-rbibutils-2.0/src/utf8.h:15:51: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void utf8_encode_str( unsigned int value, char outstr[7] );

data/r-cran-rbibutils-2.0/src/adsout.c:356:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(buf);

data/r-cran-rbibutils-2.0/src/adsout.c:357:24: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  if ( len == 1 ) strncpy( pos+3, buf, 1 );

data/r-cran-rbibutils-2.0/src/adsout.c:358:24: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  else if ( len == 2 ) strncpy( pos+2, buf, 2 );

data/r-cran-rbibutils-2.0/src/adsout.c:359:24: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  else if ( len == 3 ) strncpy( pos+1, buf, 3 );

data/r-cran-rbibutils-2.0/src/adsout.c:360:24: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  else if ( len == 4 ) strncpy( pos, buf, 4 );

data/r-cran-rbibutils-2.0/src/bibcore.c:319:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen((const char *)val);

data/r-cran-rbibutils-2.0/src/bibentryout.c:973:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (value) ? strlen( value ) : 0;

data/r-cran-rbibutils-2.0/src/bibentryout.c:1013:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( value );

data/r-cran-rbibutils-2.0/src/biblatexout.c:833:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (value) ? strlen( value ) : 0;

data/r-cran-rbibutils-2.0/src/biblatexout.c:853:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( tag );

data/r-cran-rbibutils-2.0/src/biblatexout.c:863:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( value );

data/r-cran-rbibutils-2.0/src/bibtexin.c:1139:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int n = strlen( p ) - 1;

data/r-cran-rbibutils-2.0/src/bibtexout.c:797:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (value) ? strlen( value ) : 0;

data/r-cran-rbibutils-2.0/src/bibtexout.c:817:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( tag );

data/r-cran-rbibutils-2.0/src/bibtexout.c:827:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( value );

data/r-cran-rbibutils-2.0/src/entities.c:293:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( e );

data/r-cran-rbibutils-2.0/src/nbibin.c:177:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if ( inref && strlen( p ) >= 6 ) {

data/r-cran-rbibutils-2.0/src/nbibin.c:401:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( outtag ) > 0 ) {

data/r-cran-rbibutils-2.0/src/reftypes.c:28:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( !strncasecmp( all[i].type, p, strlen(all[i].type) ) )

data/r-cran-rbibutils-2.0/src/risout.c:661:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( scheme[i] );

data/r-cran-rbibutils-2.0/src/str.c:365:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lenaddstr = strlen( addstr );

data/r-cran-rbibutils-2.0/src/str.c:410:2: [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.
  strncat( &(s->data[s->len]), addstr, n + 1 - strlen(&(s->data[s->len])) - 1 );

data/r-cran-rbibutils-2.0/src/str.c:410:47: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncat( &(s->data[s->len]), addstr, n + 1 - strlen(&(s->data[s->len])) - 1 );

data/r-cran-rbibutils-2.0/src/str.c:428:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen( from );

data/r-cran-rbibutils-2.0/src/str.c:522:2: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy( s->data, p, n + 1);

data/r-cran-rbibutils-2.0/src/str.c:543:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  n = strlen( from );

data/r-cran-rbibutils-2.0/src/str.c:668:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  find_len = strlen( find );

data/r-cran-rbibutils-2.0/src/str.c:669:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rep_len = strlen( replace );

data/r-cran-rbibutils-2.0/src/str.c:675:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  curr_len = strlen(s->data);

data/r-cran-rbibutils-2.0/src/str.c:1061:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = fgetc( fp );

data/r-cran-rbibutils-2.0/src/str.c:1068:9: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ch = fgetc( fp );

data/r-cran-rbibutils-2.0/src/url.c:102:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  patlen = strlen( pattern );

data/r-cran-rbibutils-2.0/src/url.c:103:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( strlen( s ) < patlen ) return 0; /* too short */

data/r-cran-rbibutils-2.0/src/wordout.c:302:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( mainttl[ strlen( mainttl ) - 1 ] != '?' )

data/r-cran-rbibutils-2.0/src/xml.c:327:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ( node->tag.len!=strlen( tag ) ) return 0;

ANALYSIS SUMMARY:

Hits = 144
Lines analyzed = 113076 in approximately 3.86 seconds (29269 lines/second)
Physical Source Lines of Code (SLOC) = 105601
Hits@level = [0] 245 [1] 35 [2] 98 [3] 0 [4] 11 [5] 0
Hits@level+ = [0+] 389 [1+] 144 [2+] 109 [3+] 11 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 3.68368 [1+] 1.36362 [2+] 1.03219 [3+] 0.104166 [4+] 0.104166 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.