Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/remem-2.12/acconfig.h
Examining data/remem-2.12/main/rmain.h
Examining data/remem-2.12/main/rmain.c
Examining data/remem-2.12/main/imain.c
Examining data/remem-2.12/plugins/indexers-date.c
Examining data/remem-2.12/plugins/indexers-text.c
Examining data/remem-2.12/plugins/parsers-date.c
Examining data/remem-2.12/plugins/parsers-text.c
Examining data/remem-2.12/plugins/plugins-date.h
Examining data/remem-2.12/plugins/plugins-text.h
Examining data/remem-2.12/plugins/plugins.h
Examining data/remem-2.12/plugins/retrievers-text.c
Examining data/remem-2.12/plugins/stem.c
Examining data/remem-2.12/plugins/stem.h
Examining data/remem-2.12/plugins/stops.h
Examining data/remem-2.12/savant.h
Examining data/remem-2.12/savutil/big.c
Examining data/remem-2.12/savutil/gbuf.h
Examining data/remem-2.12/savutil/hash.c
Examining data/remem-2.12/savutil/hash.h
Examining data/remem-2.12/savutil/opendie.c
Examining data/remem-2.12/savutil/parsedate/datelex.c
Examining data/remem-2.12/savutil/parsedate/dateyacc.c
Examining data/remem-2.12/savutil/parsedate/dateyacc.h
Examining data/remem-2.12/savutil/parsedate/parsedate.c
Examining data/remem-2.12/savutil/parsedate/parsedate.h
Examining data/remem-2.12/savutil/saverror.c
Examining data/remem-2.12/savutil/savutil.h
Examining data/remem-2.12/savutil/gbuf.c
Examining data/remem-2.12/template/conftemplates.c
Examining data/remem-2.12/template/conftemplates.h
Examining data/remem-2.12/template/parsedoc.h
Examining data/remem-2.12/template/regex.c
Examining data/remem-2.12/template/regex.h
Examining data/remem-2.12/template/parsedoc.c

FINAL RESULTS:

data/remem-2.12/main/rmain.c:703:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errorstring, "%s is not a valid docnum\n", argv[i]);

data/remem-2.12/main/rmain.c:743:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(db_dir, db_name);

data/remem-2.12/plugins/indexers-date.c:142:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(date_fname, "%s.%.3d", DATES_FNAME, checkpoint_number);

data/remem-2.12/plugins/indexers-date.c:175:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(date_fname, "%s.%.3d", DATES_FNAME, i);

data/remem-2.12/plugins/indexers-text.c:153:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(wordvec_fname, "%s.%.3d", WORDVEC_FNAME, checkpoint_number);

data/remem-2.12/plugins/indexers-text.c:154:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(wvoff_fname, "%s.%.3d", WVOFF_FNAME, checkpoint_number);

data/remem-2.12/plugins/indexers-text.c:194:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(wordvec_fname, "%s.%.3d", WORDVEC_FNAME, i);

data/remem-2.12/plugins/indexers-text.c:195:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(wvoff_fname, "%s.%.3d", WVOFF_FNAME, i);

data/remem-2.12/plugins/indexers-text.c:290:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(wordvec_fname, "%s%s.%.3d", dbdir, WORDVEC_FNAME, i);

data/remem-2.12/plugins/indexers-text.c:291:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(wvoff_fname, "%s%s.%.3d", dbdir, WVOFF_FNAME, i);

data/remem-2.12/plugins/indexers-text.c:294:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errorstring, "Error unlinking (deleting) file %s", wordvec_fname);

data/remem-2.12/plugins/indexers-text.c:298:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errorstring, "Error unlinking (deleting) file %s", wvoff_fname);

data/remem-2.12/plugins/parsers-text.c:251:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (str, fieldname);

data/remem-2.12/plugins/parsers-text.c:644:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(codes, tempbuf);

data/remem-2.12/plugins/parsers-text.c:646:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (decoded, "%s (%s): %d\n", codes, word, tree->documents->weight);

data/remem-2.12/plugins/stem.c:413:25:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  (void)strcat( word, rule->new_end );

data/remem-2.12/savutil/opendie.c:25:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errorstring, "Unable to open filename %s", pathname);

data/remem-2.12/savutil/parsedate/dateyacc.c:867:7:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf( _POP_, *yy_ps,

data/remem-2.12/savutil/parsedate/parsedate.c:333:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case 0: strcpy (c, pd->dst ? "+0000" : "GMT"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:334:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case -240: strcpy (c, pd->dst ? "EDT" : "-0400"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:335:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case -300: strcpy (c, pd->dst ? "CDT" : "EST"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:336:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case -360: strcpy (c, pd->dst ? "MDT" : "CST"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:337:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case -420: strcpy (c, pd->dst ? "PDT" : "MST"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:338:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case -480: strcpy (c, pd->dst ? "-0800" : "PST"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:380:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case 0: strcpy (c, pd->dst ? "+0000" : "-GMT"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:381:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case -240: strcpy (c, pd->dst ? "-EDT" : "-0400"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:382:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case -300: strcpy (c, pd->dst ? "-CDT" : "-EST"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:383:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case -360: strcpy (c, pd->dst ? "-MDT" : "-CST"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:384:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case -420: strcpy (c, pd->dst ? "-PDT" : "-MST"); break;

data/remem-2.12/savutil/parsedate/parsedate.c:385:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  case -480: strcpy (c, pd->dst ? "-0800" : "-PST"); break;

data/remem-2.12/template/conftemplates.c:188:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errorstring, "add_template_field_name: No field %s found in All_Fields", fieldname);

data/remem-2.12/template/conftemplates.c:343:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errorstring, "create_and_add_field: already hit max number of fields (%d) when creating %s",

data/remem-2.12/template/parsedoc.c:60:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf, "is_bin_file_p: Cannot open file: %s", filename);

data/remem-2.12/template/parsedoc.c:115:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(excludees[i], cwd);

data/remem-2.12/template/parsedoc.c:116:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(excludees[i], temp_excl);

data/remem-2.12/template/parsedoc.c:135:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cur_dir, cwd);

data/remem-2.12/template/parsedoc.c:136:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(cur_dir, sources[i]);

data/remem-2.12/template/parsedoc.c:194:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(list_of_filenames->filename, sourcename);

data/remem-2.12/template/parsedoc.c:236:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(list_of_filenames->filename, sourcename);

data/remem-2.12/template/parsedoc.c:256:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filename, sourcename);

data/remem-2.12/template/parsedoc.c:260:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, shortname);

data/remem-2.12/template/parsedoc.c:565:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errortext, "find_and_index_fields: pcre error %s at location %d",

data/remem-2.12/template/parsedoc.c:592:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errortext, "find_fields: vector out of range for finding fielddata: %s (is id_index correct?)",

data/remem-2.12/template/parsedoc.c:784:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(previous_filename, docInfo->filename);

data/remem-2.12/template/parsedoc.c:788:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errortext, "write_doc_info: error %d doing ftell on file %s%s", errno, db_dir, DOCLOC_FILE);

data/remem-2.12/template/parsedoc.c:859:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errortext, "write_doc_info: error %d doing ftell on file %s%s",

data/remem-2.12/template/regex.c:62:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errortext, "regex_find: pcre error %s at location %d", errptr, error_offset);

data/remem-2.12/template/regex.c:104:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(errortext, "regex_filter: pcre_compile error %s at location %d\n", errptr, error_offset);

data/remem-2.12/template/regex.c:123:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(temp_string, ptr);

data/remem-2.12/main/imain.c:84:3:  [3] (buffer) getwd:
  This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead.
  getwd(file_path);

data/remem-2.12/main/imain.c:379:5:  [3] (buffer) getwd:
  This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead.
  getwd(db_dir);

data/remem-2.12/template/parsedoc.c:102:3:  [3] (buffer) getwd:
  This does not protect against buffer overflows by itself, so use with caution (CWE-120, CWE-20). Use getcwd instead.
  getwd(cwd);

data/remem-2.12/main/imain.c:76:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *str, c, b, **result, file_path[PATHLEN+1];

data/remem-2.12/main/imain.c:93:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((ifp = fopen(file_path,"r")) == NULL) {

data/remem-2.12/main/imain.c:109:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ifp = fopen(filename, "r");

data/remem-2.12/main/imain.c:131:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  result[i] = (char *) malloc (source_sizes[i]*(sizeof(char)) + 1);

data/remem-2.12/main/imain.c:179:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ifp = fopen(filename, "r");

data/remem-2.12/main/imain.c:406:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((file = fopen(current_filename->filename,"r")) == NULL) {

data/remem-2.12/main/rmain.c:102:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char command[129];

data/remem-2.12/main/rmain.c:113:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *argint = atoi(argptr + 5);

data/remem-2.12/main/rmain.c:122:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *argint = atoi(argptr + 12);

data/remem-2.12/main/rmain.c:127:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *argint = atoi(argptr + 8);

data/remem-2.12/main/rmain.c:156:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *argint = atoi(spacepos2 + 1);

data/remem-2.12/main/rmain.c:174:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[129];

data/remem-2.12/main/rmain.c:394:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&(topSims[minindex]), sim_total_element, sizeof(Doc_Sim_Totals));

data/remem-2.12/main/rmain.c:553:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char printbuf[TITLE_LENGTH_MAX + 1];

data/remem-2.12/main/rmain.c:612:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char docfilename[PATH_MAX];

data/remem-2.12/main/rmain.c:622:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  RetrievedFile = fopen(docfilename, "r");

data/remem-2.12/main/rmain.c:654:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char command_argstring[MAX_FIELD_NAME_LENGTH];

data/remem-2.12/main/rmain.c:666:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char docfilename[PATH_MAX];

data/remem-2.12/plugins/indexers-date.c:140:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char date_fname[100];

data/remem-2.12/plugins/indexers-date.c:163:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char date_fname[PATH_MAX];

data/remem-2.12/plugins/indexers-text.c:150:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wordvec_fname[100];

data/remem-2.12/plugins/indexers-text.c:151:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wvoff_fname[100];

data/remem-2.12/plugins/indexers-text.c:175:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wordvec_fname[PATH_MAX];

data/remem-2.12/plugins/indexers-text.c:176:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wvoff_fname[PATH_MAX];

data/remem-2.12/plugins/indexers-text.c:177:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorstring[256];

data/remem-2.12/plugins/indexers-text.c:237:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errorstring,

data/remem-2.12/plugins/indexers-text.c:250:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errorstring,

data/remem-2.12/plugins/indexers-text.c:275:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errorstring, "merge_text_index_file: only %d bytes written to wordvec file, should be %d",

data/remem-2.12/plugins/parsers-date.c:121:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char b[100];

data/remem-2.12/plugins/parsers-date.c:135:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[100];

data/remem-2.12/plugins/parsers-date.c:140:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "%d ", tree->date);

data/remem-2.12/plugins/parsers-text.c:250:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat (str, ": ");

data/remem-2.12/plugins/parsers-text.c:410:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char word[16], printword[PRINTWORD_LENGTH];

data/remem-2.12/plugins/parsers-text.c:522:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char word[16], printword[PRINTWORD_LENGTH];

data/remem-2.12/plugins/parsers-text.c:618:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char decoded[100], word[60], codes[60], tempbuf[60];

data/remem-2.12/plugins/parsers-text.c:643:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tempbuf, "%08x ", tree->wordcode[i]);

data/remem-2.12/plugins/parsers-text.c:663:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpstr[256];

data/remem-2.12/plugins/parsers-text.c:673:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (tmpstr, "Total weight = %d, Total num words = %d\n", total_weight, total_numwords);

data/remem-2.12/plugins/plugins-text.h:70:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char printword[PRINTWORD_LENGTH + 1];

data/remem-2.12/plugins/plugins-text.h:89:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char printword[PRINTWORD_LENGTH]; /* printable string for this word (used for user feedback of a query) */

data/remem-2.12/plugins/stem.c:52:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char LAMBDA[1] = ""; /* the constant empty string */

data/remem-2.12/savutil/big.c:57:45:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  big[size*i + (size-1-j)] = ((unsigned char *) ptr)[size*i + j];

data/remem-2.12/savutil/big.c:99:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((unsigned char *)ptr)[size*i + (size-1-j)] = big[size*i + j];

data/remem-2.12/savutil/opendie.c:11:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pathname[256];

data/remem-2.12/savutil/opendie.c:12:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorstring[256];

data/remem-2.12/savutil/opendie.c:20:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if((file = fopen(pathname, mode)) == NULL) {

data/remem-2.12/savutil/parsedate/datelex.c:224:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  { static char buffer[MAX_WORD_LENGTH+1];

data/remem-2.12/savutil/parsedate/dateyacc.c:522:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  (type *) memcpy(to, (char *) from, yynewmax * sizeof(type))

data/remem-2.12/savutil/parsedate/parsedate.c:309:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char answer[50];

data/remem-2.12/savutil/parsedate/parsedate.c:321:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (answer,

data/remem-2.12/savutil/parsedate/parsedate.c:329:26:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (pd->second >= 0) sprintf (c, ":%02d", pd->second), c += 3;

data/remem-2.12/savutil/parsedate/parsedate.c:341:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (c, "+%02d%02d", pd->zone/60, pd->zone%60);

data/remem-2.12/savutil/parsedate/parsedate.c:342:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  else sprintf (c, "-%02d%02d", -pd->zone/60, -pd->zone%60);

data/remem-2.12/savutil/parsedate/parsedate.c:359:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char answer[50];

data/remem-2.12/savutil/parsedate/parsedate.c:371:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (answer,

data/remem-2.12/savutil/parsedate/parsedate.c:377:26:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  if (pd->second >= 0) sprintf (c, ":%02d", pd->second), c += 3;

data/remem-2.12/savutil/parsedate/parsedate.c:388:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (c, "+%02d%02d", pd->zone/60, pd->zone%60);

data/remem-2.12/savutil/parsedate/parsedate.c:389:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  else sprintf (c, "-%02d%02d", -pd->zone/60, -pd->zone%60);

data/remem-2.12/savutil/parsedate/parsedate.c:392:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (c, " %d", pd->year);

data/remem-2.12/template/conftemplates.c:142:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorstring[256];

data/remem-2.12/template/conftemplates.c:150:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errorstring, "maximum number of fields already reached");

data/remem-2.12/template/conftemplates.c:184:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorstring[256];

data/remem-2.12/template/conftemplates.c:207:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorstring[256];

data/remem-2.12/template/conftemplates.c:214:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errorstring, "maximum number of fields already reached");

data/remem-2.12/template/conftemplates.c:341:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorstring[256];

data/remem-2.12/template/conftemplates.h:67:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char printword[PRINTWORD_LENGTH]; /* What is this word anyway? */

data/remem-2.12/template/parsedoc.c:55:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2048]; data/remem-2.12/template/parsedoc.c:59:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((file = fopen(filename,"r")) == NULL) { data/remem-2.12/template/parsedoc.c:96:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cwd[PATH_MAX+2], command[MAX_STRING], *cur_dir, *temp_excl; data/remem-2.12/template/parsedoc.c:133:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if ((cur_dir = (char *)malloc(strlen(sources[i]) + strlen(cwd) + 2)) == NULL) data/remem-2.12/template/parsedoc.c:296:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char target[RECOGNIZE_LIMIT +1]; data/remem-2.12/template/parsedoc.c:351:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[READ_BUFFER_AMOUNT + 1]; data/remem-2.12/template/parsedoc.c:542:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *dt, *errptr, space_delimiter[2]; data/remem-2.12/template/parsedoc.c:545:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errortext[256]; data/remem-2.12/template/parsedoc.c:622:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errortext[256]; data/remem-2.12/template/parsedoc.c:758:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char previous_filename[PATH_MAX] = ""; data/remem-2.12/template/parsedoc.c:764:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *titlearray[MAX_NUMBER_FIELDS]; data/remem-2.12/template/parsedoc.c:767:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errortext[256]; data/remem-2.12/template/regex.c:48:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errortext[256]; data/remem-2.12/template/regex.c:87:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *temp_string, *ptr, errortext[512]; data/remem-2.12/main/imain.c:86:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(file_path, "/"); data/remem-2.12/main/imain.c:87:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(file_path, filename, PATHLEN-strlen(file_path)); data/remem-2.12/main/imain.c:87:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(file_path, filename, PATHLEN-strlen(file_path)); data/remem-2.12/main/imain.c:90:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(file_path, filename, PATHLEN); data/remem-2.12/main/imain.c:111:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(ifp); data/remem-2.12/main/imain.c:115:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(ifp); data/remem-2.12/main/imain.c:137:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(ifp); data/remem-2.12/main/imain.c:142:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(ifp); data/remem-2.12/main/imain.c:181:7: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(ifp); data/remem-2.12/main/imain.c:186:6: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(ifp); data/remem-2.12/main/imain.c:190:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc(ifp); data/remem-2.12/main/imain.c:381:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(db_dir, "/"); data/remem-2.12/main/imain.c:382:5: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(db_dir, db_name, PATH_MAX + 1 - strlen(db_dir)); data/remem-2.12/main/imain.c:382:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncat(db_dir, db_name, PATH_MAX + 1 - strlen(db_dir)); data/remem-2.12/main/imain.c:385:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(db_dir, db_name, PATH_MAX + 2); data/remem-2.12/main/imain.c:387:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (db_dir[strlen(db_dir)-1] != '/') data/remem-2.12/main/imain.c:388:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(db_dir,"/"); data/remem-2.12/main/imain.c:409:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(short_name); i<20; i++) { data/remem-2.12/main/imain.c:421:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(short_name); i<20; i++) { data/remem-2.12/main/imain.c:434:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(short_name); i<30; i++) { data/remem-2.12/main/rmain.c:153:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(argstring, spacepos1+1, RA_MIN(MAX_FIELD_NAME_LENGTH, data/remem-2.12/main/rmain.c:185:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncat_GBuffer(query, line, strlen(line)); data/remem-2.12/main/rmain.c:592:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(all_sims[i].docsim.top_contributors[j].printword) > 0) { data/remem-2.12/plugins/parsers-date.c:94:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strnchop_GBuffer(&g, strlen(strcast_GBuffer(&g))); data/remem-2.12/plugins/parsers-date.c:141:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat_GBuffer(buf, temp, strlen(temp)); data/remem-2.12/plugins/parsers-text.c:313:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tree->printword, printword, PRINTWORD_LENGTH); data/remem-2.12/plugins/parsers-text.c:486:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(printword, word, PRINTWORD_LENGTH); data/remem-2.12/plugins/parsers-text.c:585:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(printword, word, PRINTWORD_LENGTH); data/remem-2.12/plugins/parsers-text.c:650:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat_GBuffer(left, decoded, strlen(decoded)); data/remem-2.12/plugins/parsers-text.c:674:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncat_GBuffer(ret, tmpstr, strlen(tmpstr)); data/remem-2.12/plugins/parsers-text.c:752:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(twi->printword, stateptr->printword, PRINTWORD_LENGTH); data/remem-2.12/plugins/stem.c:316:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( (length = strlen(word)) <= 2 ) data/remem-2.12/savant.h:69:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define NAMLEN(dirent) strlen((dirent)->d_name) data/remem-2.12/savutil/gbuf.c:93:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(dest->value, src, n); data/remem-2.12/savutil/gbuf.c:108:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dest->value, src, n); data/remem-2.12/savutil/gbuf.c:125:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(temp, (char *)(strcast_GBuffer(dest) + n), (dest->tail - n)); data/remem-2.12/savutil/opendie.c:15:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pathname, base, 250); data/remem-2.12/savutil/opendie.c:16:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (pathname[strlen(pathname)-1] != '/') data/remem-2.12/savutil/opendie.c:17:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(pathname,"/"); data/remem-2.12/savutil/opendie.c:18:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(pathname, filename, 255-strlen(pathname)); data/remem-2.12/savutil/opendie.c:18:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncat(pathname, filename, 255-strlen(pathname)); data/remem-2.12/savutil/parsedate/parsedate.c:328:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c = answer + strlen (answer); data/remem-2.12/savutil/parsedate/parsedate.c:376:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c = answer + strlen (answer); data/remem-2.12/savutil/parsedate/parsedate.c:391:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). c = answer + strlen (answer); data/remem-2.12/template/parsedoc.c:104:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(cwd, "/"); data/remem-2.12/template/parsedoc.c:112:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((excludees[i] = (char *)malloc(strlen(temp_excl) + strlen(cwd) + 2)) == NULL) data/remem-2.12/template/parsedoc.c:112:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((excludees[i] = (char *)malloc(strlen(temp_excl) + strlen(cwd) + 2)) == NULL) data/remem-2.12/template/parsedoc.c:118:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (excludees[i][strlen(excludees[i])-1] == '/') { data/remem-2.12/template/parsedoc.c:119:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). excludees[i][strlen(excludees[i])-1] = '\0'; data/remem-2.12/template/parsedoc.c:133:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((cur_dir = (char *)malloc(strlen(sources[i]) + strlen(cwd) + 2)) == NULL) data/remem-2.12/template/parsedoc.c:133:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((cur_dir = (char *)malloc(strlen(sources[i]) + strlen(cwd) + 2)) == NULL) data/remem-2.12/template/parsedoc.c:138:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (sources[i][strlen(sources[i])-1] == '/') { /* Remove trailing "/" */ data/remem-2.12/template/parsedoc.c:139:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sources[i][strlen(sources[i])-1] = '\0'; data/remem-2.12/template/parsedoc.c:193:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). list_of_filenames->filename = (char *) malloc (sizeof(char) * (strlen(sourcename) + 1)); data/remem-2.12/template/parsedoc.c:210:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (shortname[strlen(shortname)-1] == '~') || data/remem-2.12/template/parsedoc.c:235:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). list_of_filenames->filename = (char *) malloc (sizeof(char) * (strlen(sourcename) + 1)); data/remem-2.12/template/parsedoc.c:254:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sourcelen = strlen(sourcename); data/remem-2.12/template/parsedoc.c:255:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). filename = (char *) malloc (sizeof(char) * (sourcelen + strlen(shortname) + 2)); data/remem-2.12/template/parsedoc.c:259:11: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant character. strcat(filename, "/"); data/remem-2.12/template/parsedoc.c:373:78: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy_GBuffer(document->documentText, strcast_GBuffer(documentText), strlen(strcast_GBuffer(documentText))); data/remem-2.12/template/parsedoc.c:404:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(buffer) < numbytes) { data/remem-2.12/template/parsedoc.c:405:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer[strlen(buffer)]='\1'; data/remem-2.12/template/parsedoc.c:550:3: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(space_delimiter, " "); data/remem-2.12/template/parsedoc.c:571:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizedt = strlen(dt); data/remem-2.12/template/parsedoc.c:601:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(strcast_GBuffer(&good_bits)) > 0) data/remem-2.12/template/parsedoc.c:796:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
dl_fpos_end = dl_fpos_writeme + strlen(docInfo->filename); data/remem-2.12/template/parsedoc.c:820:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(titlearray[i]) > 0) { data/remem-2.12/template/parsedoc.c:821:11: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(titlestring, titlearray[i], titlelengtharray[i]); data/remem-2.12/template/parsedoc.c:825:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(titlestring, rindex(docInfo->filename, '/')+1, titlelengtharray[i]); data/remem-2.12/template/parsedoc.c:827:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(titlestring, docInfo->filename, titlelengtharray[i]); data/remem-2.12/template/parsedoc.c:833:13: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(titlestring, passbuf->pw_name, titlelengtharray[i]); data/remem-2.12/template/parsedoc.c:838:11: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. 
strncat(titlestring, ctime(&statbuf.st_mtime), titlelengtharray[i]); data/remem-2.12/template/parsedoc.c:841:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(titlestring, "|"); data/remem-2.12/template/parsedoc.c:846:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(titlestring, rindex(docInfo->filename, '/')+1, titlelengtharray[i]); data/remem-2.12/template/parsedoc.c:848:7: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(titlestring, docInfo->filename, titlelengtharray[i]); data/remem-2.12/template/parsedoc.c:849:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(titlestring, "|"); data/remem-2.12/template/parsedoc.c:940:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(topList[minIndex].printword, printname, PRINTWORD_LENGTH); data/remem-2.12/template/regex.c:116:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
groups_matched = pcre_exec(pattern, NULL, ptr, strlen(ptr), 0, 0, vector, 256); data/remem-2.12/template/regex.c:119:2: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(temp_string, ptr, vector[0]); data/remem-2.12/template/regex.c:124:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy_GBuffer(target, temp_string, strlen(temp_string)); ANALYSIS SUMMARY: Hits = 212 Lines analyzed = 10806 in approximately 0.37 seconds (29483 lines/second) Physical Source Lines of Code (SLOC) = 6628 Hits@level = [0] 108 [1] 80 [2] 80 [3] 3 [4] 49 [5] 0 Hits@level+ = [0+] 320 [1+] 212 [2+] 132 [3+] 52 [4+] 49 [5+] 0 Hits/KSLOC@level+ = [0+] 48.28 [1+] 31.9855 [2+] 19.9155 [3+] 7.8455 [4+] 7.39288 [5+] 0 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.