Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ripmime-1.4.0.10.debian.1/libmime-decoders.c
Examining data/ripmime-1.4.0.10.debian.1/boundary-stack.h
Examining data/ripmime-1.4.0.10.debian.1/ripmime-api.c
Examining data/ripmime-1.4.0.10.debian.1/rawget.h
Examining data/ripmime-1.4.0.10.debian.1/boundary-stack.c
Examining data/ripmime-1.4.0.10.debian.1/filename-filters.c
Examining data/ripmime-1.4.0.10.debian.1/pldstr.h
Examining data/ripmime-1.4.0.10.debian.1/tnef/config.h
Examining data/ripmime-1.4.0.10.debian.1/tnef/logger.h
Examining data/ripmime-1.4.0.10.debian.1/tnef/logger.c
Examining data/ripmime-1.4.0.10.debian.1/tnef/tnef_api.h
Examining data/ripmime-1.4.0.10.debian.1/tnef/tnef.c
Examining data/ripmime-1.4.0.10.debian.1/strstack.h
Examining data/ripmime-1.4.0.10.debian.1/libmime-decoders.h
Examining data/ripmime-1.4.0.10.debian.1/rawget.c
Examining data/ripmime-1.4.0.10.debian.1/logger.h
Examining data/ripmime-1.4.0.10.debian.1/logger.c
Examining data/ripmime-1.4.0.10.debian.1/strstack.c
Examining data/ripmime-1.4.0.10.debian.1/ffget.h
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/bt-int.c
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/bt-int.h
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/bytedecoders.h
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/pldstr.h
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/ripole.c
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/olestream-unwrap.h
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/logger.h
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/ole.h
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/logger.c
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/pldstr.c
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/bytedecoders.c
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/olestream-unwrap.c
Examining data/ripmime-1.4.0.10.debian.1/ripOLE/ole.c
Examining data/ripmime-1.4.0.10.debian.1/uuencode.h
Examining data/ripmime-1.4.0.10.debian.1/pldstr.c
Examining data/ripmime-1.4.0.10.debian.1/ripmime-api.h
Examining data/ripmime-1.4.0.10.debian.1/filename-filters.h
Examining data/ripmime-1.4.0.10.debian.1/uuencode.c
Examining data/ripmime-1.4.0.10.debian.1/MIME_headers.h
Examining data/ripmime-1.4.0.10.debian.1/mime.h
Examining data/ripmime-1.4.0.10.debian.1/ripmime.c
Examining data/ripmime-1.4.0.10.debian.1/mime.c
Examining data/ripmime-1.4.0.10.debian.1/ffget.c
Examining data/ripmime-1.4.0.10.debian.1/MIME_headers.c

FINAL RESULTS:

data/ripmime-1.4.0.10.debian.1/logger.c:301:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(tmpoutput, format, ptr);
data/ripmime-1.4.0.10.debian.1/logger.c:303:2: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  vsnprintf(tmpoutput,sizeof(tmpoutput),format,ptr);
data/ripmime-1.4.0.10.debian.1/pldstr.c:738:7: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  n = vsnprintf (p, size, format, ap);
data/ripmime-1.4.0.10.debian.1/ripOLE/logger.c:301:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(tmpoutput, format, ptr);
data/ripmime-1.4.0.10.debian.1/ripOLE/logger.c:303:2: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  vsnprintf(tmpoutput,sizeof(tmpoutput),format,ptr);
data/ripmime-1.4.0.10.debian.1/ripOLE/pldstr.c:738:7: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  n = vsnprintf (p, size, format, ap);
data/ripmime-1.4.0.10.debian.1/tnef/logger.c:301:2: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(tmpoutput, format, ptr);
data/ripmime-1.4.0.10.debian.1/tnef/logger.c:303:2: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  vsnprintf(tmpoutput,10240,format,ptr);
data/ripmime-1.4.0.10.debian.1/tnef/logger.c:323:4: [4] (format) syslog:
  If syslog's format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant format string for syslog.
  syslog(_LOGGER_syslog_mode,output);
data/ripmime-1.4.0.10.debian.1/ripmime-api.c:103:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand (time (NULL));
data/ripmime-1.4.0.10.debian.1/ripmime.c:732:2: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand (time (NULL));
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:55:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *MIMEH_defect_description_array[_MIMEH_DEFECT_ARRAY_SIZE];
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:63:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char doubleCRname[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:65:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char appledouble_filename[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:67:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char subject[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:84:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output_dir[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:684:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024];
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:688:6: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(fname,"r");
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:719:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char conditions[7][16] = { "received", "from", "subject", "date", "content", "boundary" };
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:794:7: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fo = fopen(glb.doubleCRname,"w");
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1095:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[_MIMEH_STRLEN_MAX+1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1244:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((glb.headerline +totalsize), linestart, (linesize));
data/ripmime-1.4.0.10.debian.1/MIME_headers.c:2906:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[128];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:96:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scratch[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:98:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char content_type_string[ _MIMEH_CONTENT_TYPE_MAX +1 ];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:99:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char content_description_string[ _MIMEH_CONTENT_DESCRIPTION_MAX +1 ];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:100:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boundary[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:102:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char subject[_MIMEH_SUBJECTLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:103:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[_MIMEH_FILENAMELEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:104:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:107:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char from[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:108:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char date[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:109:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char to[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:110:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char messageid[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:111:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char received[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:120:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char content_transfer_encoding_string[ _MIMEH_CONTENT_TRANSFER_ENCODING_MAX +1 ];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:122:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char content_disposition_string[ _MIMEH_CONTENT_DISPOSITION_MAX +1 ];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:123:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char charset[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:126:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char uudec_name[_MIMEH_FILENAMELEN_MAX +1]; // UUDecode name. This is a post-decode information field.
data/ripmime-1.4.0.10.debian.1/MIME_headers.h:153:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mailpack_name[1024];
data/ripmime-1.4.0.10.debian.1/boundary-stack.c:31:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boundarystacksafe[BS_STRLEN_MAX];
data/ripmime-1.4.0.10.debian.1/boundary-stack.c:468:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char testspace[128]; // was 1024
data/ripmime-1.4.0.10.debian.1/ffget.c:210:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(f->buffer,buffer,size);
data/ripmime-1.4.0.10.debian.1/ffget.c:619:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(line, f->startpoint, max_size +1);//+1
data/ripmime-1.4.0.10.debian.1/ffget.c:636:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(line, f->startpoint, chardiff +1);
data/ripmime-1.4.0.10.debian.1/ffget.h:12:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[FFGET_BUFFER_MAX +FFGET_BUFFER_PADDING];
data/ripmime-1.4.0.10.debian.1/filename-filters.c:99:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[1024];
data/ripmime-1.4.0.10.debian.1/filename-filters.c:183:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[1024];
data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:30:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char b64[256]={
data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:53:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char hexconv[256]={
data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:79:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char out_charset[MDECODE_ISO_CHARSET_SIZE_MAX];
data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:80:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char current_charset[MDECODE_ISO_CHARSET_SIZE_MAX];
data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:199:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output[3]; /* The 4->3 byte output array */
data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:200:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input[4]; /* The 4->3 byte input array */
data/ripmime-1.4.0.10.debian.1/logger.c:107:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  _LOGGER_outf = fopen(lfname,"a");
data/ripmime-1.4.0.10.debian.1/logger.c:289:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpoutput[10240];
data/ripmime-1.4.0.10.debian.1/mime.c:107:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char b64[256]={
data/ripmime-1.4.0.10.debian.1/mime.c:133:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blankfileprefix[_MIME_STRLEN_MAX];
data/ripmime-1.4.0.10.debian.1/mime.c:146:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char headersname[_MIME_STRLEN_MAX];
data/ripmime-1.4.0.10.debian.1/mime.c:147:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tempdirectory[_MIME_STRLEN_MAX];
data/ripmime-1.4.0.10.debian.1/mime.c:155:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char out_charset[MDECODE_ISO_CHARSET_SIZE_MAX];
data/ripmime-1.4.0.10.debian.1/mime.c:170:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char blankzone_filename[_MIMEH_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/mime.c:181:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char subject[_MIME_STRLEN_MAX];
data/ripmime-1.4.0.10.debian.1/mime.c:191:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char scratch[1024];
data/ripmime-1.4.0.10.debian.1/mime.c:1015:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newname[_MIME_STRLEN_MAX +1];
data/ripmime-1.4.0.10.debian.1/mime.c:1016:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scr[_MIME_STRLEN_MAX +1]; /** Scratch var **/
data/ripmime-1.4.0.10.debian.1/mime.c:1097:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char conditions[16][16] = {
data/ripmime-1.4.0.10.debian.1/mime.c:1108:6: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(fname,"r");
data/ripmime-1.4.0.10.debian.1/mime.c:1230:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullpath[1024];
data/ripmime-1.4.0.10.debian.1/mime.c:1265:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullpath[1024];
data/ripmime-1.4.0.10.debian.1/mime.c:1283:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fo = open(fullpath, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR);
data/ripmime-1.4.0.10.debian.1/mime.c:1332:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char full_decode_path[512];
data/ripmime-1.4.0.10.debian.1/mime.c:1391:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullfilename[1024]=""; // Filename of the output file
data/ripmime-1.4.0.10.debian.1/mime.c:1392:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[1024]; // The input lines from the file we're decoding
data/ripmime-1.4.0.10.debian.1/mime.c:1412:8: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  of = fopen(fullfilename,"w");
data/ripmime-1.4.0.10.debian.1/mime.c:1504:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ffname[256];
data/ripmime-1.4.0.10.debian.1/mime.c:1594:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char output[3]; /* The 4->3 byte output array */
data/ripmime-1.4.0.10.debian.1/mime.c:1595:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char input[4]; /* The 4->3 byte input array */
data/ripmime-1.4.0.10.debian.1/mime.c:1596:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fullMIME_filename[_MIME_STRLEN_MAX]=""; /* Full Filename of output file */
data/ripmime-1.4.0.10.debian.1/mime.c:1615:7: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  of = open(fullMIME_filename, O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR);
data/ripmime-1.4.0.10.debian.1/mime.c:1734:6: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char scratch[1024];
data/ripmime-1.4.0.10.debian.1/mime.c:1996:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[128];
data/ripmime-1.4.0.10.debian.1/mime.c:2090:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = open(src_mpname, O_RDONLY);
data/ripmime-1.4.0.10.debian.1/mime.c:2105:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = open(dest_mpname,O_WRONLY|O_CREAT, S_IRUSR|S_IWUSR);
data/ripmime-1.4.0.10.debian.1/mime.c:2174:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(mpname,"w");
data/ripmime-1.4.0.10.debian.1/mime.c:2309:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char oldname[1024];
data/ripmime-1.4.0.10.debian.1/mime.c:2323:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newname[1024];
data/ripmime-1.4.0.10.debian.1/mime.c:2357:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newname[1024];
data/ripmime-1.4.0.10.debian.1/mime.c:2715:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullpath[256]; data/ripmime-1.4.0.10.debian.1/mime.c:2970:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ifullfilename[1024]=""; // Filename of the input file data/ripmime-1.4.0.10.debian.1/mime.c:2971:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ofullfilename[1024]=""; // Filename of the output file data/ripmime-1.4.0.10.debian.1/mime.c:2972:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024]; // The input lines from the file we're decoding data/ripmime-1.4.0.10.debian.1/mime.c:2979:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ifile = fopen(ifullfilename, "r"); data/ripmime-1.4.0.10.debian.1/mime.c:2984:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
ofile = fopen(ofullfilename, "w"); data/ripmime-1.4.0.10.debian.1/mime.c:3459:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[1024]; data/ripmime-1.4.0.10.debian.1/mime.c:3460:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024]; data/ripmime-1.4.0.10.debian.1/mime.c:3475:52: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (strcmp(mpname,"-")==0) fi = stdin; else fi = fopen(mpname,"r"); // 20040208-1715:PLD data/ripmime-1.4.0.10.debian.1/mime.c:3483:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fo = fopen(fname,"w"); data/ripmime-1.4.0.10.debian.1/mime.c:3521:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fo = fopen(fname,"w"); data/ripmime-1.4.0.10.debian.1/mime.c:3612:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fi = fopen(mpname,"r"); data/ripmime-1.4.0.10.debian.1/mime.c:3691:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). hf = fopen(scratch,"w"); data/ripmime-1.4.0.10.debian.1/ripOLE/logger.c:107:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). _LOGGER_outf = fopen(lfname,"a"); data/ripmime-1.4.0.10.debian.1/ripOLE/logger.c:289:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpoutput[10240]; data/ripmime-1.4.0.10.debian.1/ripOLE/ole.c:371:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(block_buffer, bb, ole->header.sector_size); data/ripmime-1.4.0.10.debian.1/ripOLE/ole.c:414:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy( block_buffer, ole->ministream +offset, ole->header.mini_sector_size); data/ripmime-1.4.0.10.debian.1/ripOLE/ole.c:784:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dir->element_name, buf, OLE_DIRECTORY_ELEMENT_NAME_SIZE ); data/ripmime-1.4.0.10.debian.1/ripOLE/ole.c:820:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dir->class, buf +0x50, 16 ); data/ripmime-1.4.0.10.debian.1/ripOLE/ole.c:822:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dir->timestamps, buf +0x64, 16 ); /** Actually consists of 2 8 byte stamps **/ data/ripmime-1.4.0.10.debian.1/ripOLE/ole.c:858:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char element[64]; data/ripmime-1.4.0.10.debian.1/ripOLE/ole.c:1415:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fullpath,"r"); data/ripmime-1.4.0.10.debian.1/ripOLE/ole.c:1518:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
f = fopen(full_path,"w"); data/ripmime-1.4.0.10.debian.1/ripOLE/ole.c:1667:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char element_name[64]; data/ripmime-1.4.0.10.debian.1/ripOLE/ole.h:66:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char element_name[OLE_DIRECTORY_ELEMENT_NAME_SIZE]; data/ripmime-1.4.0.10.debian.1/ripOLE/ole.h:76:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char class[OLE_DIRECTORY_CLASS_SIZE]; data/ripmime-1.4.0.10.debian.1/ripOLE/ole.h:78:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char timestamps[OLE_DIRECTORY_TIMESTAMPS_SIZE]; data/ripmime-1.4.0.10.debian.1/ripOLE/ole.h:98:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char header_block[OLE_HEADER_BLOCK_SIZE]; data/ripmime-1.4.0.10.debian.1/ripOLE/olestream-unwrap.c:16:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[6]; data/ripmime-1.4.0.10.debian.1/ripOLE/olestream-unwrap.c:18:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data2[8]; data/ripmime-1.4.0.10.debian.1/ripOLE/olestream-unwrap.c:168:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(full_name,"w"); data/ripmime-1.4.0.10.debian.1/ripOLE/olestream-unwrap.c:394:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( oh.data, sp, 2 ); data/ripmime-1.4.0.10.debian.1/ripOLE/olestream-unwrap.c:406:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( oh.data2, sp, 8 ); data/ripmime-1.4.0.10.debian.1/ripmime.c:447:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
level = atoi(argv[i+1]); data/ripmime-1.4.0.10.debian.1/ripmime.c:460:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). seconds = atoi(argv[i+1]); data/ripmime-1.4.0.10.debian.1/ripmime.c:638:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullfilename[1024]; data/ripmime-1.4.0.10.debian.1/strstack.h:20:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datastacksafe[SS_STRLEN_MAX]; data/ripmime-1.4.0.10.debian.1/tnef/logger.c:107:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). _LOGGER_outf = fopen(lfname,"a"); data/ripmime-1.4.0.10.debian.1/tnef/logger.c:289:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpoutput[10240]; data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:70:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[ TNEF_PATH_SIZE +1]; data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:306:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char s[256] = ""; data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:332:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[1024]; data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:337:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). out = fopen(filename, "w"); data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:373:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[256]; data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:387:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (filename, "XAM_%d.rtf", TNEF_glb.file_num); data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:495:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char attach_title[256] = { data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:820:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen(filename,"r")) == NULL) data/ripmime-1.4.0.10.debian.1/uuencode.c:45:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char uudec[256]={ data/ripmime-1.4.0.10.debian.1/uuencode.c:244:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[UUENCODE_STRLEN_MAX]; data/ripmime-1.4.0.10.debian.1/uuencode.c:274:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if ((atoi(fp) == 0)||(atoi(fp) > 777)) // Maximum is 777, because R+W+X = 7 data/ripmime-1.4.0.10.debian.1/uuencode.c:274:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if ((atoi(fp) == 0)||(atoi(fp) > 777)) // Maximum is 777, because R+W+X = 7 data/ripmime-1.4.0.10.debian.1/uuencode.c:312:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[ UUENCODE_STRLEN_MAX ]; data/ripmime-1.4.0.10.debian.1/uuencode.c:315:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fname,"r"); data/ripmime-1.4.0.10.debian.1/uuencode.c:364:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[ UUENCODE_STRLEN_MAX ]; data/ripmime-1.4.0.10.debian.1/uuencode.c:367:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullpath[ UUENCODE_STRLEN_MAX ]=""; data/ripmime-1.4.0.10.debian.1/uuencode.c:407:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
inf = fopen(fullpath,"r"); data/ripmime-1.4.0.10.debian.1/uuencode.c:533:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outf = fopen(fullpath, "wb"); data/ripmime-1.4.0.10.debian.1/uuencode.c:606:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[3]; data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1139:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). linesize = strlen(linestart); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1156:84: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (MIMEH_DNORMAL) LOGGER_log("MIMEH_read_headers:DEBUG:Data-In:[%d:%d] '%s'", strlen(linestart), linesize, linestart); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1470:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer_start = buffer +strlen(buffer); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1471:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
buffer_size -= strlen(buffer); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1525:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bl = strlen(q); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1537:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). q_len = strlen(q); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1606:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(hl,searchstr,strlen(searchstr))==0) p = hl; else p = NULL; data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1622:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string = p -hl +data +strlen(searchstr); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1660:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). before_string = string -1 -strlen(searchstr); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1721:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). endchar = string +strlen(string) -1; data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1819:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (((*string == '\"')&&(*(string +strlen(string)-1) == '\"')) data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1820:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || ((*string == '\'')&&(*(string +strlen(string)-1) == '\'')) ) data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1822:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int slen = strlen(string) -2; data/ripmime-1.4.0.10.debian.1/MIME_headers.c:1881:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int plen = strlen(prefix_name); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:2025:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(glb.appledouble_filename)>0) data/ripmime-1.4.0.10.debian.1/MIME_headers.c:2057:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ch_end = ch_begin + strlen(ch_begin); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:2150:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (SS_cmp(&(hinfo->ss_names), hinfo->name, strlen(hinfo->name))==NULL) data/ripmime-1.4.0.10.debian.1/MIME_headers.c:2155:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
SS_push(&(hinfo->ss_names),hinfo->name,strlen(hinfo->name)); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:2278:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SS_push(&(hinfo->ss_filenames), hinfo->filename, strlen(hinfo->filename)); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:2513:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SS_push(&(hinfo->ss_filenames), hinfo->name, strlen(hinfo->name)); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:2581:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tlen = strlen(tokenstr); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:2770:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). headerlength = strlen(h); data/ripmime-1.4.0.10.debian.1/MIME_headers.c:2921:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || (strlen(hinfo->content_transfer_encoding_string) < 1) data/ripmime-1.4.0.10.debian.1/boundary-stack.c:268:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). glb.boundarystack->boundary_length = strlen(glb.boundarystack->boundary); data/ripmime-1.4.0.10.debian.1/ffget.c:506:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
nextchar = c = fgetc(f->f); data/ripmime-1.4.0.10.debian.1/ffget.c:668:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). f->lastchar = line[strlen(line) -1]; data/ripmime-1.4.0.10.debian.1/filename-filters.c:188:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). fnl = strlen(fname); data/ripmime-1.4.0.10.debian.1/filename-filters.c:277:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). FNFILTER_paranoid_filter( fname, strlen( fname ) ); data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:151:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t inbytesleft = strlen(text); data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:178:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(text, strlen(text), "%s", out_str); data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:195:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int realm_size = strlen( short64 ); data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:277:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int slen = strlen(line); /* Length of our line */ data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:407:110: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). DMD LOGGER_log("%s:%d:MDECODE_decode_quoted_printable:DEBUG: Output = '%s' Output length = %d\n", FL, line, strlen(line)); data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:429:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (glb.decode_qp == 0) return strlen(line); data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:497:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). iso_end = strchr( iso_start +strlen("=?"), '?' ); // Jump past the encoding data/ripmime-1.4.0.10.debian.1/libmime-decoders.c:509:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). iso = iso_start +strlen("=?"); data/ripmime-1.4.0.10.debian.1/logger.c:194:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int slen = strlen( string ); data/ripmime-1.4.0.10.debian.1/logger.c:308:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( output[strlen(output)-1] == '\n' ) { data/ripmime-1.4.0.10.debian.1/logger.c:315:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( output[strlen(output)-1] == '\n' ) { lineend = nolinebreak; } else { lineend = linebreak; } data/ripmime-1.4.0.10.debian.1/mime.c:1135:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncasecmp(line,conditions[result],strlen(conditions[result]))==0) data/ripmime-1.4.0.10.debian.1/mime.c:1422:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int line_len = strlen(line); data/ripmime-1.4.0.10.debian.1/mime.c:1738:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hit = BS_cmp(scratch,strlen(scratch) +1); data/ripmime-1.4.0.10.debian.1/mime.c:1744:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hit = BS_cmp((f->startpoint -1),strlen(f->startpoint) +1); data/ripmime-1.4.0.10.debian.1/mime.c:2001:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (BS_cmp(buffer,strlen(buffer)) > 0) break; data/ripmime-1.4.0.10.debian.1/mime.c:2115:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). readcount = read( fin, rw_buffer, rw_buffer_size ); data/ripmime-1.4.0.10.debian.1/mime.c:2451:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if (strncmp(hinfo->filename, glb.blankfileprefix, strlen(glb.blankfileprefix)) != 0) data/ripmime-1.4.0.10.debian.1/mime.c:2520:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SS_push(ss, fp, strlen(fp)); data/ripmime-1.4.0.10.debian.1/mime.c:2729:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strncmp( glb.blankfileprefix, filename, strlen( glb.blankfileprefix ) ) == 0 ) data/ripmime-1.4.0.10.debian.1/mime.c:2998:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t bytes_to_convert = strlen(line); data/ripmime-1.4.0.10.debian.1/mime.c:3132:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(glb.subject) < 1)&&(strlen(h->subject) > 0)) data/ripmime-1.4.0.10.debian.1/mime.c:3132:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(glb.subject) < 1)&&(strlen(h->subject) > 0)) data/ripmime-1.4.0.10.debian.1/mime.c:3167:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lbc = h->boundary +strlen(h->boundary) -1; data/ripmime-1.4.0.10.debian.1/pldstr.c:420:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
source_length = strlen( replace_details->source ); data/ripmime-1.4.0.10.debian.1/pldstr.c:422:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). searchfor_length = strlen(replace_details->searchfor); data/ripmime-1.4.0.10.debian.1/pldstr.c:423:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). replacewith_length = strlen(replace_details->replacewith); data/ripmime-1.4.0.10.debian.1/pldstr.c:428:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((replace_details->preexist != NULL)&&(strlen(replace_details->preexist) < 1)) replace_details->preexist = NULL; data/ripmime-1.4.0.10.debian.1/pldstr.c:429:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((replace_details->postexist != NULL)&&(strlen(replace_details->postexist) < 1)) replace_details->postexist = NULL; data/ripmime-1.4.0.10.debian.1/pldstr.c:455:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = p +strlen(replace_details->postexist); data/ripmime-1.4.0.10.debian.1/ripOLE/logger.c:194:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int slen = strlen( string ); data/ripmime-1.4.0.10.debian.1/ripOLE/logger.c:308:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ( output[strlen(output)-1] == '\n' ) { data/ripmime-1.4.0.10.debian.1/ripOLE/logger.c:315:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( output[strlen(output)-1] == '\n' ) { lineend = nolinebreak; } else { lineend = linebreak; } data/ripmime-1.4.0.10.debian.1/ripOLE/olestream-unwrap.c:399:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sp = sp + strlen(oh.attach_name) +1; data/ripmime-1.4.0.10.debian.1/ripOLE/olestream-unwrap.c:403:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sp += strlen(oh.fname_1) +1; data/ripmime-1.4.0.10.debian.1/ripOLE/olestream-unwrap.c:411:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sp += strlen(oh.fname_2) +1; data/ripmime-1.4.0.10.debian.1/ripOLE/pldstr.c:420:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). source_length = strlen( replace_details->source ); data/ripmime-1.4.0.10.debian.1/ripOLE/pldstr.c:422:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). searchfor_length = strlen(replace_details->searchfor); data/ripmime-1.4.0.10.debian.1/ripOLE/pldstr.c:423:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
replacewith_length = strlen(replace_details->replacewith); data/ripmime-1.4.0.10.debian.1/ripOLE/pldstr.c:428:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((replace_details->preexist != NULL)&&(strlen(replace_details->preexist) < 1)) replace_details->preexist = NULL; data/ripmime-1.4.0.10.debian.1/ripOLE/pldstr.c:429:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((replace_details->postexist != NULL)&&(strlen(replace_details->postexist) < 1)) replace_details->postexist = NULL; data/ripmime-1.4.0.10.debian.1/ripOLE/pldstr.c:455:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = p +strlen(replace_details->postexist); data/ripmime-1.4.0.10.debian.1/ripmime-api.c:107:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (rm->outputdir[strlen (rm->outputdir) - 1] == '/') data/ripmime-1.4.0.10.debian.1/ripmime-api.c:109:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rm->outputdir[strlen (rm->outputdir) - 1] = '\0'; data/ripmime-1.4.0.10.debian.1/ripmime.c:300:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strncmp (&(argv[i][2]), "verbose-contenttype", strlen ("verbose-contenttype")) == 0) { data/ripmime-1.4.0.10.debian.1/ripmime.c:306:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (strncmp(&(argv[i][2]), "verbose-mime", strlen("verbose-mime"))==0) { data/ripmime-1.4.0.10.debian.1/ripmime.c:309:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (strncmp (&(argv[i][2]), "verbose-oldstyle", strlen ("verbose-oldstyle")) == 0) { data/ripmime-1.4.0.10.debian.1/ripmime.c:414:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncmp (&(argv[i][2]), "no-quotedprintable", strlen("no-quotedprintable")) == 0) data/ripmime-1.4.0.10.debian.1/ripmime.c:418:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncmp(&(argv[i][2]), "no-doublecr", strlen("no-doublecr")) == 0) data/ripmime-1.4.0.10.debian.1/ripmime.c:422:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncmp(&(argv[i][2]), "no-mht", strlen("no-mht")) == 0) data/ripmime-1.4.0.10.debian.1/ripmime.c:426:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if (strncmp(&(argv[i][2]), "disable-header-fix", strlen("disable-headerfix")) == 0) { data/ripmime-1.4.0.10.debian.1/ripmime.c:429:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncmp(&(argv[i][2]), "qmail-bounce", strlen("qmail-bounce")) == 0) data/ripmime-1.4.0.10.debian.1/ripmime.c:433:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncmp(&(argv[i][2]), "disable-qmail-bounce", strlen("disable-qmail-bounce")) == 0) data/ripmime-1.4.0.10.debian.1/ripmime.c:437:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncmp(&(argv[i][2]), "no-multiple-filenames", strlen("no-multiple-filenames")) == 0) data/ripmime-1.4.0.10.debian.1/ripmime.c:441:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncmp(&(argv[i][2]), "recursion-max", strlen("recursion-max")) == 0) data/ripmime-1.4.0.10.debian.1/ripmime.c:454:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strncmp(&(argv[i][2]), "timeout", strlen("timeout")) == 0) data/ripmime-1.4.0.10.debian.1/ripmime.c:477:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if (strncmp(&(argv[i][2]), "extended-errors", strlen("extended-errors")) == 0) data/ripmime-1.4.0.10.debian.1/ripmime.c:736:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (glb.dir[strlen (glb.dir) - 1] == '/') data/ripmime-1.4.0.10.debian.1/ripmime.c:738:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). glb.dir[strlen (glb.dir) - 1] = '\0'; data/ripmime-1.4.0.10.debian.1/tnef/logger.c:194:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int slen = strlen( string ); data/ripmime-1.4.0.10.debian.1/tnef/logger.c:308:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( output[strlen(output)-1] == '\n' ) { data/ripmime-1.4.0.10.debian.1/tnef/logger.c:315:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( output[strlen(output)-1] == '\n' ) { lineend = nolinebreak; } else { lineend = linebreak; } data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:581:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (TNEF_glb.savedata && strlen(attach_title)>0 && attach_size > 0) { data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:601:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(attach_title, make_string(tsp+header,size),255); data/ripmime-1.4.0.10.debian.1/tnef/tnef.c:602:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (TNEF_glb.savedata && strlen(attach_title)>0 && attach_size > 0) { data/ripmime-1.4.0.10.debian.1/uuencode.c:593:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buflen = strlen(buf) -1;

ANALYSIS SUMMARY:

Hits = 240
Lines analyzed = 18733 in approximately 0.51 seconds (36881 lines/second)
Physical Source Lines of Code (SLOC) = 9374
Hits@level = [0] 133 [1] 94 [2] 135 [3] 2 [4] 9 [5] 0
Hits@level+ = [0+] 373 [1+] 240 [2+] 146 [3+] 11 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 39.7909 [1+] 25.6027 [2+] 15.575 [3+] 1.17346 [4+] 0.960102 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.