Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/safeclib-3.5/src/mem/mem_primitives_lib.c
Examining data/safeclib-3.5/src/mem/mem_primitives_lib.h
Examining data/safeclib-3.5/src/mem/memmove_s.c
Examining data/safeclib-3.5/src/mem/memset_s.c
Examining data/safeclib-3.5/src/mem/safe_mem_constraint.c
Examining data/safeclib-3.5/src/mem/safe_mem_constraint.h
Examining data/safeclib-3.5/src/mem/memcpy_s.c
Examining data/safeclib-3.5/src/io/sscanf_s.c
Examining data/safeclib-3.5/src/io/tmpfile_s.c
Examining data/safeclib-3.5/src/io/fprintf_s.c
Examining data/safeclib-3.5/src/io/vscanf_s.c
Examining data/safeclib-3.5/src/io/gets_s.c
Examining data/safeclib-3.5/src/io/vsscanf_s.c
Examining data/safeclib-3.5/src/io/scanf_s.c
Examining data/safeclib-3.5/src/io/vfprintf_s.c
Examining data/safeclib-3.5/src/io/fopen_s.c
Examining data/safeclib-3.5/src/io/fscanf_s.c
Examining data/safeclib-3.5/src/io/printf_s.c
Examining data/safeclib-3.5/src/io/vprintf_s.c
Examining data/safeclib-3.5/src/io/vfscanf_s.c
Examining data/safeclib-3.5/src/io/freopen_s.c
Examining data/safeclib-3.5/src/io/tmpnam_s.c
Examining data/safeclib-3.5/src/abort_handler_s.c
Examining data/safeclib-3.5/src/os/ctime_s.c
Examining data/safeclib-3.5/src/os/getenv_s.c
Examining data/safeclib-3.5/src/os/gmtime_s.c
Examining data/safeclib-3.5/src/os/localtime_s.c
Examining data/safeclib-3.5/src/os/asctime_s.c
Examining data/safeclib-3.5/src/str/sprintf_s.c
Examining data/safeclib-3.5/src/str/snprintf_s.c
Examining data/safeclib-3.5/src/str/strcpy_s.c
Examining data/safeclib-3.5/src/str/strncpy_s.c
Examining data/safeclib-3.5/src/str/vsnprintf_s.c
Examining data/safeclib-3.5/src/str/strtok_s.c
Examining data/safeclib-3.5/src/str/strnlen_s.c
Examining data/safeclib-3.5/src/str/vsprintf_s.c
Examining data/safeclib-3.5/src/str/strcat_s.c
Examining data/safeclib-3.5/src/str/strerror_s.h
Examining data/safeclib-3.5/src/str/strncat_s.c
Examining data/safeclib-3.5/src/str/strerror_s.c
Examining data/safeclib-3.5/src/str/safe_str_constraint.h
Examining data/safeclib-3.5/src/str/safe_str_constraint.c
Examining data/safeclib-3.5/src/wchar/wcsncpy_s.c
Examining data/safeclib-3.5/src/wchar/wcstok_s.c
Examining data/safeclib-3.5/src/wchar/swscanf_s.c
Examining data/safeclib-3.5/src/wchar/wcstombs_s.c
Examining data/safeclib-3.5/src/wchar/wcsrtombs_s.c
Examining data/safeclib-3.5/src/wchar/wcscat_s.c
Examining data/safeclib-3.5/src/wchar/fwscanf_s.c
Examining data/safeclib-3.5/src/wchar/vsnwprintf_s.c
Examining data/safeclib-3.5/src/wchar/wctomb_s.c
Examining data/safeclib-3.5/src/wchar/vwscanf_s.c
Examining data/safeclib-3.5/src/wchar/wmemmove_s.c
Examining data/safeclib-3.5/src/wchar/mbsrtowcs_s.c
Examining data/safeclib-3.5/src/wchar/wscanf_s.c
Examining data/safeclib-3.5/src/wchar/wcsncat_s.c
Examining data/safeclib-3.5/src/wchar/wmemcpy_s.c
Examining data/safeclib-3.5/src/wchar/wcscpy_s.c
Examining data/safeclib-3.5/src/wchar/vwprintf_s.c
Examining data/safeclib-3.5/src/wchar/vfwprintf_s.c
Examining data/safeclib-3.5/src/wchar/mbstowcs_s.c
Examining data/safeclib-3.5/src/wchar/vswprintf_s.c
Examining data/safeclib-3.5/src/wchar/wprintf_s.c
Examining data/safeclib-3.5/src/wchar/swprintf_s.c
Examining data/safeclib-3.5/src/wchar/wcsnlen_s.c
Examining data/safeclib-3.5/src/wchar/fwprintf_s.c
Examining data/safeclib-3.5/src/wchar/vswscanf_s.c
Examining data/safeclib-3.5/src/wchar/wcrtomb_s.c
Examining data/safeclib-3.5/src/wchar/snwprintf_s.c
Examining data/safeclib-3.5/src/wchar/vfwscanf_s.c
Examining data/safeclib-3.5/src/ignore_handler_s.c
Examining data/safeclib-3.5/src/extstr/strremovews_s.c
Examining data/safeclib-3.5/src/extstr/strlastsame_s.c
Examining data/safeclib-3.5/src/extstr/strislowercase_s.c
Examining data/safeclib-3.5/src/extstr/strcpyfld_s.c
Examining data/safeclib-3.5/src/extstr/strisalphanumeric_s.c
Examining data/safeclib-3.5/src/extstr/strljustify_s.c
Examining data/safeclib-3.5/src/extstr/strcmp_s.c
Examining data/safeclib-3.5/src/extstr/strishex_s.c
Examining data/safeclib-3.5/src/extstr/strisascii_s.c
Examining data/safeclib-3.5/src/extstr/strrchr_s.c
Examining data/safeclib-3.5/src/extstr/strtolowercase_s.c
Examining data/safeclib-3.5/src/extstr/strcmpfld_s.c
Examining data/safeclib-3.5/src/extstr/strispassword_s.c
Examining data/safeclib-3.5/src/extstr/strstr_s.c
Examining data/safeclib-3.5/src/extstr/strcpyfldout_s.c
Examining data/safeclib-3.5/src/extstr/strtouppercase_s.c
Examining data/safeclib-3.5/src/extstr/strcpyfldin_s.c
Examining data/safeclib-3.5/src/extstr/strcoll_s.c
Examining data/safeclib-3.5/src/extstr/strisdigit_s.c
Examining data/safeclib-3.5/src/extstr/strcspn_s.c
Examining data/safeclib-3.5/src/extstr/strnset_s.c
Examining data/safeclib-3.5/src/extstr/strlastchar_s.c
Examining data/safeclib-3.5/src/extstr/strisuppercase_s.c
Examining data/safeclib-3.5/src/extstr/strlastdiff_s.c
Examining data/safeclib-3.5/src/extstr/strpbrk_s.c
Examining data/safeclib-3.5/src/extstr/strnatcmp_s.c
Examining data/safeclib-3.5/src/extstr/strcasestr_s.c
Examining data/safeclib-3.5/src/extstr/strset_s.c
Examining data/safeclib-3.5/src/extstr/strprefix_s.c
Examining data/safeclib-3.5/src/extstr/strfirstchar_s.c
Examining data/safeclib-3.5/src/extstr/strzero_s.c
Examining data/safeclib-3.5/src/extstr/strismixedcase_s.c
Examining data/safeclib-3.5/src/extstr/strspn_s.c
Examining data/safeclib-3.5/src/extstr/strfirstdiff_s.c
Examining data/safeclib-3.5/src/extstr/strcasecmp_s.c
Examining data/safeclib-3.5/src/extstr/strchr_s.c
Examining data/safeclib-3.5/src/extstr/strfirstsame_s.c
Examining data/safeclib-3.5/src/extstr/strnterminate_s.c
Examining data/safeclib-3.5/src/safeclib_private.h
Examining data/safeclib-3.5/src/extwchar/unwifcmp.h
Examining data/safeclib-3.5/src/extwchar/wmemcmp_s.c
Examining data/safeclib-3.5/src/extwchar/wcslwr_s.c
Examining data/safeclib-3.5/src/extwchar/wcscoll_s.c
Examining data/safeclib-3.5/src/extwchar/unw16ifcan.h
Examining data/safeclib-3.5/src/extwchar/unwifcmb.h
Examining data/safeclib-3.5/src/extwchar/wcsfc_s.c
Examining data/safeclib-3.5/src/extwchar/wcsncmp_s.c
Examining data/safeclib-3.5/src/extwchar/wcsnorm_s.c
Examining data/safeclib-3.5/src/extwchar/wcsnatcmp_s.c
Examining data/safeclib-3.5/src/extwchar/towfc_s.c
Examining data/safeclib-3.5/src/extwchar/unwifcpt.h
Examining data/safeclib-3.5/src/extwchar/wcscmp_s.c
Examining data/safeclib-3.5/src/extwchar/unw16ifexc.h
Examining data/safeclib-3.5/src/extwchar/wcsstr_s.c
Examining data/safeclib-3.5/src/extwchar/wcsset_s.c
Examining data/safeclib-3.5/src/extwchar/unw16ifcmp.h
Examining data/safeclib-3.5/src/extwchar/hangul.h
Examining data/safeclib-3.5/src/extwchar/towctrans.c
Examining data/safeclib-3.5/src/extwchar/unw16ifcmb.h
Examining data/safeclib-3.5/src/extwchar/wcsupr_s.c
Examining data/safeclib-3.5/src/extwchar/unwifcan.h
Examining data/safeclib-3.5/src/extwchar/wcsnset_s.c
Examining data/safeclib-3.5/src/extwchar/unw16ifcpt.h
Examining data/safeclib-3.5/src/extwchar/unwifexc.h
Examining data/safeclib-3.5/src/extwchar/wcsicmp_s.c
Examining data/safeclib-3.5/src/extwchar/wcsstr.c
Examining data/safeclib-3.5/src/extmem/memccpy_s.c
Examining data/safeclib-3.5/src/extmem/memcpy32_s.c
Examining data/safeclib-3.5/src/extmem/memzero_s.c
Examining data/safeclib-3.5/src/extmem/timingsafe_memcmp.c
Examining data/safeclib-3.5/src/extmem/memrchr_s.c
Examining data/safeclib-3.5/src/extmem/memmove32_s.c
Examining data/safeclib-3.5/src/extmem/timingsafe_bcmp.c
Examining data/safeclib-3.5/src/extmem/memcmp16_s.c
Examining data/safeclib-3.5/src/extmem/memset32_s.c
Examining data/safeclib-3.5/src/extmem/memchr_s.c
Examining data/safeclib-3.5/src/extmem/memcpy16_s.c
Examining data/safeclib-3.5/src/extmem/memset16_s.c
Examining data/safeclib-3.5/src/extmem/memcmp_s.c
Examining data/safeclib-3.5/src/extmem/memcmp32_s.c
Examining data/safeclib-3.5/src/extmem/memzero16_s.c
Examining data/safeclib-3.5/src/extmem/memzero32_s.c
Examining data/safeclib-3.5/src/extmem/memmove16_s.c
Examining data/safeclib-3.5/src/slkm/slkm_init.c
Examining data/safeclib-3.5/src/misc/qsort_s.c
Examining data/safeclib-3.5/src/misc/bsearch_s.c
Examining data/safeclib-3.5/tests/test_wcsicmp_s.c
Examining data/safeclib-3.5/tests/test_strtouppercase_s.c
Examining data/safeclib-3.5/tests/test_localtime_s.c
Examining data/safeclib-3.5/tests/test_memcmp16_s.c
Examining data/safeclib-3.5/tests/test_strncat_s.c
Examining data/safeclib-3.5/tests/test_vswscanf_s.c
Examining data/safeclib-3.5/tests/test_slkm.c
Examining data/safeclib-3.5/tests/test_strcpyfldin_s.c
Examining data/safeclib-3.5/tests/test_wcsnlen_s.c
Examining data/safeclib-3.5/tests/test_asctime_s.c
Examining data/safeclib-3.5/tests/test_strcasestr_s.c
Examining data/safeclib-3.5/tests/test_gmtime_s.c
Examining data/safeclib-3.5/tests/test_tmpfile_s.c
Examining data/safeclib-3.5/tests/test_wmemmove_s.c
Examining data/safeclib-3.5/tests/test_strrchr_s.c
Examining data/safeclib-3.5/tests/test_wcslwr_s.c
Examining data/safeclib-3.5/tests/test_memccpy_s.c
Examining data/safeclib-3.5/tests/test_memrchr_s.c
Examining data/safeclib-3.5/tests/test_memcmp_s.c
Examining data/safeclib-3.5/tests/test_timingsafe_memcmp.c
Examining data/safeclib-3.5/tests/test_memmove32_s.c
Examining data/safeclib-3.5/tests/test_strcpyfld_s.c
Examining data/safeclib-3.5/tests/test_strispassword_s.c
Examining data/safeclib-3.5/tests/test_strcasecmp_s.c
Examining data/safeclib-3.5/tests/test_strisalphanumeric_s.c
Examining data/safeclib-3.5/tests/test_printf_s.c
Examining data/safeclib-3.5/tests/perf_memcpy_s.c
Examining data/safeclib-3.5/tests/test_mbsrtowcs_s.c
Examining data/safeclib-3.5/tests/test_strncpy_s.c
Examining data/safeclib-3.5/tests/test_wcsnset_s.c
Examining data/safeclib-3.5/tests/test_strremovews_s.c
Examining data/safeclib-3.5/tests/test_wcscoll_s.c
Examining data/safeclib-3.5/tests/test_memzero32_s.c
Examining data/safeclib-3.5/tests/test_sprintf_s.c
Examining data/safeclib-3.5/tests/test_wcsfc_s.c
Examining data/safeclib-3.5/tests/test_fwscanf_s.c
Examining data/safeclib-3.5/tests/test_tmpnam_s.c
Examining data/safeclib-3.5/tests/test_strcpyfldout_s.c
Examining data/safeclib-3.5/tests/test_vwprintf_s.c
Examining data/safeclib-3.5/tests/test_strset_s.c
Examining data/safeclib-3.5/tests/test_strisuppercase_s.c
Examining data/safeclib-3.5/tests/test_memset32_s.c
Examining data/safeclib-3.5/tests/test_wcscmp_s.c
Examining data/safeclib-3.5/tests/test_freopen_s.c
Examining data/safeclib-3.5/tests/test_wctomb_s.c
Examining data/safeclib-3.5/tests/test_strlastsame_s.c
Examining data/safeclib-3.5/tests/test_strisdigit_s.c
Examining data/safeclib-3.5/tests/test_wcsupr_s.c
Examining data/safeclib-3.5/tests/test_wscanf_s.c
Examining data/safeclib-3.5/tests/test_qsort_s.c
Examining data/safeclib-3.5/tests/test_wcsncmp_s.c
Examining data/safeclib-3.5/tests/test_memchr_s.c
Examining data/safeclib-3.5/tests/test_msvcrt.c
Examining data/safeclib-3.5/tests/test_memcpy32_s.c
Examining data/safeclib-3.5/tests/test_wcsset_s.c
Examining data/safeclib-3.5/tests/test_strerrorlen_s.c
Examining data/safeclib-3.5/tests/test_private.h
Examining data/safeclib-3.5/tests/test_strfirstdiff_s.c
Examining data/safeclib-3.5/tests/test_strcmpfld_s.c
Examining data/safeclib-3.5/tests/test_fscanf_s.c
Examining data/safeclib-3.5/tests/test_ctime_s.c
Examining data/safeclib-3.5/tests/test_strnlen_s.c
Examining data/safeclib-3.5/tests/test_strljustify_s.c
Examining data/safeclib-3.5/tests/test_strtolowercase_s.c
Examining data/safeclib-3.5/tests/test_memset16_s.c
Examining data/safeclib-3.5/tests/test_snwprintf_s.c
Examining data/safeclib-3.5/tests/test_vfwscanf_s.c
Examining data/safeclib-3.5/tests/test_wcsnatcmp_s.c
Examining data/safeclib-3.5/tests/test_wcrtomb_s.c
Examining data/safeclib-3.5/tests/test_vfprintf_s.c
Examining data/safeclib-3.5/tests/test_memcmp32_s.c
Examining data/safeclib-3.5/tests/test_vfwprintf_s.c
Examining data/safeclib-3.5/tests/test_fopen_s.c
Examining data/safeclib-3.5/tests/perf_memcpy32_s.c
Examining data/safeclib-3.5/tests/test_strprefix_s.c
Examining data/safeclib-3.5/tests/test_memzero_s.c
Examining data/safeclib-3.5/tests/test_strlastchar_s.c
Examining data/safeclib-3.5/tests/test_timingsafe_bcmp.c
Examining data/safeclib-3.5/tests/test_mbstowcs_s.c
Examining data/safeclib-3.5/tests/test_strishex_s.c
Examining data/safeclib-3.5/tests/test_strfirstchar_s.c
Examining data/safeclib-3.5/tests/test_bsearch_s.c
Examining data/safeclib-3.5/tests/test_strerror_s.c
Examining data/safeclib-3.5/tests/test_memset_s.c
Examining data/safeclib-3.5/tests/test_wcstok_s.c
Examining data/safeclib-3.5/tests/test_vswprintf_s.c
Examining data/safeclib-3.5/tests/test_strlastdiff_s.c
Examining data/safeclib-3.5/tests/test_fwprintf_s.c
Examining data/safeclib-3.5/tests/test_memzero16_s.c
Examining data/safeclib-3.5/tests/test_strismixed_s.c
Examining data/safeclib-3.5/tests/test_vprintf_s.c
Examining data/safeclib-3.5/tests/test_vsprintf_s.c
Examining data/safeclib-3.5/tests/test_strisascii_s.c
Examining data/safeclib-3.5/tests/test_memmove_s.c
Examining data/safeclib-3.5/tests/test_wcsstr_s.c
Examining data/safeclib-3.5/tests/test_wcscat_s.c
Examining data/safeclib-3.5/tests/test_swprintf_s.c
Examining data/safeclib-3.5/tests/test_strcspn_s.c
Examining data/safeclib-3.5/tests/test_strfirstsame_s.c
Examining data/safeclib-3.5/tests/perf_strcpy_s.c
Examining data/safeclib-3.5/tests/test_strchr_s.c
Examining data/safeclib-3.5/tests/test_strcpy_s.c
Examining data/safeclib-3.5/tests/test_strcat_s.c
Examining data/safeclib-3.5/tests/test_wcsrtombs_s.c
Examining data/safeclib-3.5/tests/test_strstr_s.c
Examining data/safeclib-3.5/tests/test_wcsncat_s.c
Examining data/safeclib-3.5/tests/test_strnterminate_s.c
Examining data/safeclib-3.5/tests/test_scanf_s.c
Examining data/safeclib-3.5/tests/perf_memset_s.c
Examining data/safeclib-3.5/tests/test_memcpy_s.c
Examining data/safeclib-3.5/tests/test_gets_s.c
Examining data/safeclib-3.5/tests/test_wcsnorm_s.c
Examining data/safeclib-3.5/tests/test_memcpy16_s.c
Examining data/safeclib-3.5/tests/test_wprintf_s.c
Examining data/safeclib-3.5/tests/test_vsnprintf_s.c
Examining data/safeclib-3.5/tests/test_wcstombs_s.c
Examining data/safeclib-3.5/tests/test_vwscanf_s.c
Examining data/safeclib-3.5/tests/test_strislowercase_s.c
Examining data/safeclib-3.5/tests/test_strzero_s.c
Examining data/safeclib-3.5/tests/test_snprintf_s.c
Examining data/safeclib-3.5/tests/test_strtok_s.c
Examining data/safeclib-3.5/tests/test_msvcrt.h
Examining data/safeclib-3.5/tests/test_strnatcmp_s.c
Examining data/safeclib-3.5/tests/test_strnset_s.c
Examining data/safeclib-3.5/tests/test_strpbrk_s.c
Examining data/safeclib-3.5/tests/test_expmem.h
Examining data/safeclib-3.5/tests/test_sscanf_s.c
Examining data/safeclib-3.5/tests/test_wcscpy_s.c
Examining data/safeclib-3.5/tests/test_swscanf_s.c
Examining data/safeclib-3.5/tests/test_fprintf_s.c
Examining data/safeclib-3.5/tests/test_strcoll_s.c
Examining data/safeclib-3.5/tests/test_getenv_s.c
Examining data/safeclib-3.5/tests/test_wcsncpy_s.c
Examining data/safeclib-3.5/tests/test_wmemcmp_s.c
Examining data/safeclib-3.5/tests/test_wmemcpy_s.c
Examining data/safeclib-3.5/tests/test_memmove16_s.c
Examining data/safeclib-3.5/tests/test_vsnwprintf_s.c
Examining data/safeclib-3.5/tests/test_strspn_s.c
Examining data/safeclib-3.5/tests/test_towfc_s.c
Examining data/safeclib-3.5/tests/test_towlower.c
Examining data/safeclib-3.5/tests/test_towupper.c
Examining data/safeclib-3.5/tests/test_strcmp_s.c
Examining data/safeclib-3.5/include/safe_lib_errno.h
Examining data/safeclib-3.5/include/safe_types.h
Examining data/safeclib-3.5/include/safe_lib.h
Examining data/safeclib-3.5/include/safe_compile.h
Examining data/safeclib-3.5/include/safe_str_lib.h
Examining data/safeclib-3.5/include/safe_mem_lib.h
Examining data/safeclib-3.5/include/safe_config.h
FINAL RESULTS:
data/safeclib-3.5/src/io/fopen_s.c:105:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/fprintf_s.c:101:11: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vfprintf(stream, fmt, ap);
data/safeclib-3.5/src/io/fprintf_s.c:106:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/freopen_s.c:109:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/fscanf_s.c:131:11: [4] (buffer) vfscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vfscanf(stream, fmt, ap);
data/safeclib-3.5/src/io/fscanf_s.c:136:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/printf_s.c:90:11: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vprintf(fmt, ap);
data/safeclib-3.5/src/io/printf_s.c:95:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/scanf_s.c:125:11: [4] (buffer) vscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vscanf(fmt, ap);
data/safeclib-3.5/src/io/scanf_s.c:130:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/sscanf_s.c:134:11: [4] (buffer) vsscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vsscanf(buffer, fmt, ap);
data/safeclib-3.5/src/io/sscanf_s.c:139:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/tmpfile_s.c:99:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/vfprintf_s.c:97:11: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vfprintf(stream, fmt, ap);
data/safeclib-3.5/src/io/vfprintf_s.c:101:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/vfscanf_s.c:130:11: [4] (buffer) vfscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vfscanf(stream, fmt, ap);
data/safeclib-3.5/src/io/vfscanf_s.c:134:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/vprintf_s.c:88:11: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vprintf(fmt, ap);
data/safeclib-3.5/src/io/vprintf_s.c:92:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/vscanf_s.c:123:11: [4] (buffer) vscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vscanf(fmt, ap);
data/safeclib-3.5/src/io/vscanf_s.c:127:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/io/vsscanf_s.c:132:11: [4] (buffer) vsscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vsscanf(buffer, fmt, ap);
data/safeclib-3.5/src/io/vsscanf_s.c:136:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/mem/safe_mem_constraint.c:116:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "%s: wrong dmax %lu, dest has size %lu", func,
data/safeclib-3.5/src/os/getenv_s.c:121:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/safeclib_private.h:153:18: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define slprintf printf
data/safeclib-3.5/src/safeclib_private.h:154:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define sldebug_printf printf
data/safeclib-3.5/src/safeclib_private.h:156:23: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define slprintf(...) fprintf(stderr, __VA_ARGS__)
data/safeclib-3.5/src/safeclib_private.h:158:29: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define sldebug_printf(...) printf(__VA_ARGS__)
data/safeclib-3.5/src/safeclib_private.h:192:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define sldebug_printf printf
data/safeclib-3.5/src/safeclib_private.h:228:27: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define debug_printf(...) fprintf(STDERR, __VA_ARGS__)
data/safeclib-3.5/src/safeclib_private.h:230:22: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define debug_printf printf
data/safeclib-3.5/src/safeclib_private.h:587:9: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
#define vswprintf(dest, dmax, fmt, ap) vswprintf(dest, fmt, ap)
data/safeclib-3.5/src/safeclib_private.h:587:40: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
#define vswprintf(dest, dmax, fmt, ap) vswprintf(dest, fmt, ap)
data/safeclib-3.5/src/str/safe_str_constraint.c:139:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "%s: wrong dmax %lu, dest has size %lu", func,
data/safeclib-3.5/src/str/safe_str_constraint.c:148:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(msg, "%s: wrong %s %lu, %s has size %lu", func, smaxname,
data/safeclib-3.5/src/str/snprintf_s.c:145:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(dest, (size_t)dmax, fmt, ap);
data/safeclib-3.5/src/str/snprintf_s.c:155:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/str/sprintf_s.c:175:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf((char *)dest, (size_t)dmax, fmt, ap);
data/safeclib-3.5/src/str/sprintf_s.c:195:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/str/vsnprintf_s.c:134:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(dest, (size_t)dmax, fmt, ap);
data/safeclib-3.5/src/str/vsnprintf_s.c:138:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/str/vsprintf_s.c:156:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(dest, (size_t)dmax, fmt, ap);
data/safeclib-3.5/src/str/vsprintf_s.c:174:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/fwprintf_s.c:114:11: [4] (format) vfwprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vfwprintf(stream, fmt, ap);
data/safeclib-3.5/src/wchar/fwprintf_s.c:119:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/fwscanf_s.c:138:11: [4] (buffer) vfwscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vfwscanf(stream, fmt, ap);
data/safeclib-3.5/src/wchar/fwscanf_s.c:143:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/snwprintf_s.c:197:11: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(dest, dmax, fmt, ap);
data/safeclib-3.5/src/wchar/snwprintf_s.c:211:19: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(tmp, 512, fmt, ap2);
data/safeclib-3.5/src/wchar/snwprintf_s.c:216:19: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(tmp, dmax, fmt, ap2);
data/safeclib-3.5/src/wchar/snwprintf_s.c:238:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/swprintf_s.c:193:11: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(dest, dmax, fmt, ap);
data/safeclib-3.5/src/wchar/swprintf_s.c:204:19: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(tmp, 512, fmt, ap2);
data/safeclib-3.5/src/wchar/swprintf_s.c:209:19: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(tmp, dmax, fmt, ap2);
data/safeclib-3.5/src/wchar/swprintf_s.c:225:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/swscanf_s.c:139:11: [4] (buffer) vswscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vswscanf(src, fmt, ap);
data/safeclib-3.5/src/wchar/swscanf_s.c:144:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/vfwprintf_s.c:119:11: [4] (format) vfwprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vfwprintf(stream, fmt, ap);
data/safeclib-3.5/src/wchar/vfwprintf_s.c:123:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/vfwscanf_s.c:140:11: [4] (buffer) vfwscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vfwscanf(stream, fmt, ap);
data/safeclib-3.5/src/wchar/vfwscanf_s.c:144:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/vsnwprintf_s.c:191:11: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(dest, dmax, fmt, ap);
data/safeclib-3.5/src/wchar/vsnwprintf_s.c:201:19: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(tmp, 512, fmt, ap2);
data/safeclib-3.5/src/wchar/vsnwprintf_s.c:204:19: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(tmp, dmax, fmt, ap2);
data/safeclib-3.5/src/wchar/vsnwprintf_s.c:226:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/vswprintf_s.c:175:11: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(dest, dmax, fmt, ap);
data/safeclib-3.5/src/wchar/vswprintf_s.c:183:19: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(tmp, 512, fmt, ap2);
data/safeclib-3.5/src/wchar/vswprintf_s.c:186:19: [4] (format) vswprintf:
Potential format string problem (CWE-134). Make format string constant.
ret = vswprintf(tmp, RSIZE_MAX_WSTR, fmt, ap2);
data/safeclib-3.5/src/wchar/vswprintf_s.c:203:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/vswscanf_s.c:136:11: [4] (buffer) vswscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vswscanf(src, fmt, ap);
data/safeclib-3.5/src/wchar/vswscanf_s.c:140:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/vwprintf_s.c:108:11: [4] (format) vwprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vwprintf(fmt, ap);
data/safeclib-3.5/src/wchar/vwprintf_s.c:112:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/vwscanf_s.c:127:11: [4] (buffer) vwscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vwscanf(fmt, ap);
data/safeclib-3.5/src/wchar/vwscanf_s.c:131:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/wprintf_s.c:114:11: [4] (format) vwprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vwprintf(fmt, ap);
data/safeclib-3.5/src/wchar/wprintf_s.c:119:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/src/wchar/wscanf_s.c:126:11: [4] (buffer) vwscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
ret = vwscanf(fmt, ap);
data/safeclib-3.5/src/wchar/wscanf_s.c:131:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(errstr, strerror(errno));
data/safeclib-3.5/tests/perf_strcpy_s.c:117:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
rc = strcpy(str1, str2);
data/safeclib-3.5/tests/test_fwscanf_s.c:50:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(wstr1, s); \
data/safeclib-3.5/tests/test_fwscanf_s.c:55:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(wstr1, s); \
data/safeclib-3.5/tests/test_private.h:47:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define printf(...) printk(KERN_INFO __VA_ARGS__)
data/safeclib-3.5/tests/test_private.h:223:22: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define debug_printf printf
data/safeclib-3.5/tests/test_private.h:229:22: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define debug_printf printf
data/safeclib-3.5/tests/test_private.h:235:28: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define xdebug_printf(...) printf(__VA_ARGS__)
data/safeclib-3.5/tests/test_private.h:237:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define xdebug_printf printf
data/safeclib-3.5/tests/test_private.h:243:23: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define xdebug_printf printf
data/safeclib-3.5/tests/test_private.h:521:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(__FILE__ ": cannot test locale C" \
data/safeclib-3.5/tests/test_private.h:527:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(__FILE__ ": cannot test locale %s" \
data/safeclib-3.5/tests/test_private.h:534:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(__FILE__ ": cannot test locale %s" \
data/safeclib-3.5/tests/test_private.h:544:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(__FILE__ ": SKIP appveyor %u\n", __LINE__); \
data/safeclib-3.5/tests/test_towfc_s.c:86:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, &p1[4]);
data/safeclib-3.5/tests/test_towlower.c:57:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, &p1[4]);
data/safeclib-3.5/tests/test_towupper.c:69:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, &p1[4]);
data/safeclib-3.5/tests/test_towupper.c:226:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(PERL " " TESTPL)) {
data/safeclib-3.5/tests/test_towupper.c:229:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!system("perl " TESTPL))
data/safeclib-3.5/tests/test_vfwscanf_s.c:47:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(wstr1, s); \
data/safeclib-3.5/tests/test_vfwscanf_s.c:51:5: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
wcscpy(wstr1, s); \
data/safeclib-3.5/tests/test_wcsfc_s.c:523:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(PERL " " TESTPL) < 0) {
data/safeclib-3.5/tests/test_wcsfc_s.c:526:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (!system("perl " TESTPL))
data/safeclib-3.5/tests/test_wcsnorm_s.c:598:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (system(PERL " " TESTPL) < 0) {
data/safeclib-3.5/tests/test_wcsnorm_s.c:601:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system("perl " TESTPL) || printf("perl " TESTPL " failed\n");
data/safeclib-3.5/src/io/tmpnam_s.c:132:14: [3] (tmpfile) tmpnam:
Temporary file race condition (CWE-377).
result = tmpnam(dp);
data/safeclib-3.5/src/io/tmpnam_s.c:142:14: [3] (tmpfile) tmpnam:
Temporary file race condition (CWE-377).
result = tmpnam(dp);
data/safeclib-3.5/src/os/getenv_s.c:114:11: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
buf = getenv(name);
data/safeclib-3.5/tests/test_getenv_s.c:70:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
str2 = getenv(name);
data/safeclib-3.5/src/extwchar/unw16ifcan.h:26:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_canon_tbl_1 [807][1] = {
data/safeclib-3.5/src/extwchar/unw16ifcan.h:129:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_canon_tbl_2 [856][2] = {
data/safeclib-3.5/src/extwchar/unw16ifcan.h:238:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_canon_tbl_3 [218][3] = {
data/safeclib-3.5/src/extwchar/unw16ifcan.h:268:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_canon_tbl_4 [52][4] = {
data/safeclib-3.5/src/extwchar/unw16ifcan.h:277:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_canon_tbl_6 [9][6] = {
data/safeclib-3.5/src/extwchar/unw16ifcpt.h:26:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_compat_tbl_1 [1555][1] = {
data/safeclib-3.5/src/extwchar/unw16ifcpt.h:223:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_compat_tbl_2 [1286][2] = {
data/safeclib-3.5/src/extwchar/unw16ifcpt.h:386:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_compat_tbl_3 [629][3] = {
data/safeclib-3.5/src/extwchar/unw16ifcpt.h:467:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_compat_tbl_4 [125][4] = {
data/safeclib-3.5/src/extwchar/unw16ifcpt.h:485:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_compat_tbl_5 [16][5] = {
data/safeclib-3.5/src/extwchar/unwifcan.h:26:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_canon_tbl_1 [917][1] = {
data/safeclib-3.5/src/extwchar/unwifcan.h:143:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_canon_tbl_2 [762][2] = {
data/safeclib-3.5/src/extwchar/unwifcan.h:241:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_canon_tbl_3 [227][3] = {
data/safeclib-3.5/src/extwchar/unwifcan.h:272:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_canon_tbl_4 [36][4] = {
data/safeclib-3.5/src/extwchar/unwifcpt.h:26:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_compat_tbl_1 [1665][1] = {
data/safeclib-3.5/src/extwchar/unwifcpt.h:237:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_compat_tbl_2 [1192][2] = {
data/safeclib-3.5/src/extwchar/unwifcpt.h:388:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_compat_tbl_3 [638][3] = {
data/safeclib-3.5/src/extwchar/unwifcpt.h:470:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_compat_tbl_4 [109][4] = {
data/safeclib-3.5/src/extwchar/unwifcpt.h:486:14: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const wchar_t UNWIF_compat_tbl_5 [16][5] = {
data/safeclib-3.5/src/extwchar/wcsfc_s.c:159:9: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t tmp[4];
data/safeclib-3.5/src/extwchar/wcsfc_s.c:179:17: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t tmpd[8];
data/safeclib-3.5/src/extwchar/wcsfc_s.c:195:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, tmpd, d * sizeof(wchar_t));
data/safeclib-3.5/src/extwchar/wcsfc_s.c:203:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, tmp, c * sizeof(wchar_t));
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:175:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, e->v, (l + 1) * sizeof(wchar_t)); /* incl \0 */
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:185:41: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const wchar_t *tbl = (const wchar_t *)UNWIF_canon_tbl[l - 1];
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:202:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, &tbl[i * len], len * sizeof(wchar_t)); /* 33% perf */
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:267:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, e->v, (l + 1) * sizeof(wchar_t)); /* incl \0 */
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:279:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, e->v, (l + 1) * sizeof(wchar_t)); /* incl \0 */
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:291:41: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const wchar_t *tbl = (const wchar_t *)UNWIF_compat_tbl[l - 1];
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:300:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, &tbl[i * l], l * sizeof(wchar_t));
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:772:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(seq_ext, seq_ary, cc_pos * sizeof(UNWIF_cc));
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:968:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(seq_ext, seq_ary, cc_pos * sizeof(uint32_t));
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:997:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, seq_ptr, cc_pos * sizeof(wchar_t));
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:1073:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t tmp_stack[128];
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:1107:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, tmp_ptr, (len + 1) * sizeof(wchar_t));
data/safeclib-3.5/src/io/fopen_s.c:101:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*streamptr = fopen(filename, mode);
data/safeclib-3.5/src/io/fopen_s.c:104:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "fopen_s: ";
data/safeclib-3.5/src/io/fprintf_s.c:105:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "fprintf_s: ";
data/safeclib-3.5/src/io/freopen_s.c:108:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "freopen_s: ";
data/safeclib-3.5/src/io/fscanf_s.c:135:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "fscanf_s: ";
data/safeclib-3.5/src/io/printf_s.c:94:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "printf_s: ";
data/safeclib-3.5/src/io/scanf_s.c:129:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "scanf_s: ";
data/safeclib-3.5/src/io/sscanf_s.c:138:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "sscanf_s: ";
data/safeclib-3.5/src/io/tmpfile_s.c:95:18: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
*streamptr = tmpfile();
data/safeclib-3.5/src/io/tmpfile_s.c:98:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "tmpfile_s: ";
data/safeclib-3.5/src/io/vfprintf_s.c:100:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vfprintf_s: ";
data/safeclib-3.5/src/io/vfscanf_s.c:133:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vfscanf_s: ";
data/safeclib-3.5/src/io/vprintf_s.c:91:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vprintf_s: ";
data/safeclib-3.5/src/io/vscanf_s.c:126:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vscanf_s: ";
data/safeclib-3.5/src/io/vsscanf_s.c:135:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vsscanf_s: ";
data/safeclib-3.5/src/mem/safe_mem_constraint.c:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[128];
data/safeclib-3.5/src/misc/qsort_s.c:131:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char debruijn32[32] = {0, 1, 23, 2, 29, 24, 19, 3, 30, 27, 25,
data/safeclib-3.5/src/misc/qsort_s.c:135:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char debruijn64[64] = {
data/safeclib-3.5/src/misc/qsort_s.c:169:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[256];
data/safeclib-3.5/src/misc/qsort_s.c:180:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ar[n], ar[0], l);
data/safeclib-3.5/src/misc/qsort_s.c:182:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ar[i], ar[i + 1], l);
data/safeclib-3.5/src/misc/qsort_s.c:215:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *ar[14 * sizeof(size_t) + 1];
data/safeclib-3.5/src/misc/qsort_s.c:239:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void trinkle(unsigned char *head, size_t width, cmpfun cmp, size_t pp[2],
data/safeclib-3.5/src/misc/qsort_s.c:243:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *ar[14 * sizeof(size_t) + 1];
data/safeclib-3.5/src/os/asctime_s.c:173:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmp[120];
data/safeclib-3.5/src/os/ctime_s.c:157:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tmp[120];
data/safeclib-3.5/src/os/getenv_s.c:118:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "getenv_s: ";
data/safeclib-3.5/src/str/safe_str_constraint.c:138:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[128];
data/safeclib-3.5/src/str/safe_str_constraint.c:147:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[128];
data/safeclib-3.5/src/str/snprintf_s.c:149:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "snprintf_s: ";
data/safeclib-3.5/src/str/snprintf_s.c:152:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(errstr, "len exceeds dmax");
data/safeclib-3.5/src/str/sprintf_s.c:194:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "sprintf_s: ";
data/safeclib-3.5/src/str/vsnprintf_s.c:137:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vsnprintf_s: ";
data/safeclib-3.5/src/str/vsprintf_s.c:173:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vsprintf_s: ";
data/safeclib-3.5/src/wchar/fwprintf_s.c:118:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "fwprintf_s: ";
data/safeclib-3.5/src/wchar/fwscanf_s.c:142:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "fwscanf_s: ";
data/safeclib-3.5/src/wchar/snwprintf_s.c:205:20: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t tmp[512];
data/safeclib-3.5/src/wchar/snwprintf_s.c:237:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "snwprintf_s: ";
data/safeclib-3.5/src/wchar/swprintf_s.c:202:20: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t tmp[512];
data/safeclib-3.5/src/wchar/swprintf_s.c:224:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "swprintf_s: ";
data/safeclib-3.5/src/wchar/swscanf_s.c:143:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "swscanf_s: ";
data/safeclib-3.5/src/wchar/vfwprintf_s.c:122:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vfwprintf_s: ";
data/safeclib-3.5/src/wchar/vfwscanf_s.c:143:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vfwscanf_s: ";
data/safeclib-3.5/src/wchar/vsnwprintf_s.c:196:20: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t tmp[512];
data/safeclib-3.5/src/wchar/vsnwprintf_s.c:225:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vsnwprintf_s: ";
data/safeclib-3.5/src/wchar/vswprintf_s.c:180:20: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t tmp[512];
data/safeclib-3.5/src/wchar/vswprintf_s.c:202:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vswprintf_s: ";
data/safeclib-3.5/src/wchar/vswscanf_s.c:139:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vswscanf_s: ";
data/safeclib-3.5/src/wchar/vwprintf_s.c:111:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vwprintf_s: ";
data/safeclib-3.5/src/wchar/vwscanf_s.c:130:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "vwscanf_s: ";
data/safeclib-3.5/src/wchar/wprintf_s.c:118:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "wprintf_s: ";
data/safeclib-3.5/src/wchar/wscanf_s.c:130:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errstr[128] = "wscanf_s: ";
data/safeclib-3.5/tests/perf_memcpy_s.c:138:22: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
rc = (char *)memcpy(mem1, mem2, len);
data/safeclib-3.5/tests/perf_strcpy_s.c:47:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/perf_strcpy_s.c:48:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_asctime_s.c:21:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_ctime_s.c:21:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_fprintf_s.c:24:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[LEN];
data/safeclib-3.5/tests/test_fprintf_s.c:32:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(TMP, "w");
data/safeclib-3.5/tests/test_fprintf_s.c:80:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "keep it simple");
data/safeclib-3.5/tests/test_fprintf_s.c:94:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "keep it simple");
data/safeclib-3.5/tests/test_freopen_s.c:67:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp = fopen(TMP, "w");
data/safeclib-3.5/tests/test_fscanf_s.c:24:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_fscanf_s.c:25:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_fscanf_s.c:33:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(TMP, "w+");
data/safeclib-3.5/tests/test_fscanf_s.c:100:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_fscanf_s.c:130:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqq");
data/safeclib-3.5/tests/test_fscanf_s.c:178:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqq");
data/safeclib-3.5/tests/test_fwprintf_s.c:17:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr[LEN];
data/safeclib-3.5/tests/test_fwprintf_s.c:18:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[LEN];
data/safeclib-3.5/tests/test_fwprintf_s.c:27:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(TMP, "w");
data/safeclib-3.5/tests/test_fwprintf_s.c:70:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr, L"12");
data/safeclib-3.5/tests/test_fwprintf_s.c:71:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "34");
data/safeclib-3.5/tests/test_fwscanf_s.c:31:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr1[LEN];
data/safeclib-3.5/tests/test_fwscanf_s.c:32:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr2[LEN];
data/safeclib-3.5/tests/test_fwscanf_s.c:33:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str3[LEN];
data/safeclib-3.5/tests/test_fwscanf_s.c:41:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(TMP, "w+");
data/safeclib-3.5/tests/test_fwscanf_s.c:223:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"qqweqq");
data/safeclib-3.5/tests/test_getenv_s.c:22:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[LEN];
data/safeclib-3.5/tests/test_gets_s.c:18:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[LEN];
data/safeclib-3.5/tests/test_gets_s.c:26:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(TMP, "w");
data/safeclib-3.5/tests/test_mbsrtowcs_s.c:23:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t dest[LEN];
data/safeclib-3.5/tests/test_mbsrtowcs_s.c:25:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char src[LEN];
data/safeclib-3.5/tests/test_mbstowcs_s.c:22:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t dest[LEN];
data/safeclib-3.5/tests/test_mbstowcs_s.c:23:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char src[LEN];
data/safeclib-3.5/tests/test_mbstowcs_s.c:45:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(src, "abc");
data/safeclib-3.5/tests/test_memccpy_s.c:17:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_memccpy_s.c:18:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_memccpy_s.c:19:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[LEN];
data/safeclib-3.5/tests/test_memccpy_s.c:45:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_memccpy_s.c:61:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_memccpy_s.c:92:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_memccpy_s.c:93:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
data/safeclib-3.5/tests/test_memccpy_s.c:100:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_memccpy_s.c:101:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
data/safeclib-3.5/tests/test_memccpy_s.c:111:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_memccpy_s.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_memccpy_s.c:149:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_memccpy_s.c:165:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_memccpy_s.c:176:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_memccpy_s.c:186:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_memccpy_s.c:187:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_memccpy_s.c:197:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_memccpy_s.c:198:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_memccpy_s.c:205:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_memccpy_s.c:206:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_memccpy_s.c:218:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, " ");
data/safeclib-3.5/tests/test_memccpy_s.c:219:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "hello");
data/safeclib-3.5/tests/test_memccpy_s.c:228:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, " ");
data/safeclib-3.5/tests/test_memccpy_s.c:229:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "goodbye");
data/safeclib-3.5/tests/test_memccpy_s.c:236:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, " ");
data/safeclib-3.5/tests/test_memccpy_s.c:237:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "goodbye");
data/safeclib-3.5/tests/test_memccpy_s.c:246:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, " ");
data/safeclib-3.5/tests/test_memccpy_s.c:247:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "good");
data/safeclib-3.5/tests/test_memccpy_s.c:257:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qq12345weqeqeqeq");
data/safeclib-3.5/tests/test_memccpy_s.c:258:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it");
data/safeclib-3.5/tests/test_memchr_s.c:79:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mem, "keep it all together", len);
data/safeclib-3.5/tests/test_memrchr_s.c:80:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mem, "keep it all together", len);
data/safeclib-3.5/tests/test_printf_s.c:22:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_printf_s.c:23:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_printf_s.c:71:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "12");
data/safeclib-3.5/tests/test_printf_s.c:72:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "34");
data/safeclib-3.5/tests/test_scanf_s.c:24:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_scanf_s.c:25:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_scanf_s.c:32:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(TMP, "w+");
data/safeclib-3.5/tests/test_scanf_s.c:111:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_scanf_s.c:134:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_scanf_s.c:148:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqq");
data/safeclib-3.5/tests/test_scanf_s.c:149:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_scanf_s.c:213:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqq");
data/safeclib-3.5/tests/test_snprintf_s.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_snprintf_s.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_snprintf_s.c:51:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "123456");
data/safeclib-3.5/tests/test_snprintf_s.c:96:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "123456");
data/safeclib-3.5/tests/test_snprintf_s.c:97:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:115:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "123456");
data/safeclib-3.5/tests/test_snprintf_s.c:136:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "123456");
data/safeclib-3.5/tests/test_snprintf_s.c:137:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:153:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "123456");
data/safeclib-3.5/tests/test_snprintf_s.c:170:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_snprintf_s.c:171:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:190:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:203:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:216:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:234:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:242:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqq");
data/safeclib-3.5/tests/test_snprintf_s.c:243:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:251:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "1234");
data/safeclib-3.5/tests/test_snprintf_s.c:252:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:264:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "1234");
data/safeclib-3.5/tests/test_snprintf_s.c:265:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:273:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "12345678901234567890");
data/safeclib-3.5/tests/test_snprintf_s.c:285:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "123456789");
data/safeclib-3.5/tests/test_snprintf_s.c:293:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "123");
data/safeclib-3.5/tests/test_snprintf_s.c:294:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_snprintf_s.c:302:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "1234");
data/safeclib-3.5/tests/test_snprintf_s.c:303:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "56789");
data/safeclib-3.5/tests/test_snwprintf_s.c:16:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_snwprintf_s.c:17:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_snwprintf_s.c:81:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_snwprintf_s.c:82:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:100:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"123456");
data/safeclib-3.5/tests/test_snwprintf_s.c:101:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:115:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"123456");
data/safeclib-3.5/tests/test_snwprintf_s.c:116:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:131:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:138:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:147:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:165:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:173:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqq");
data/safeclib-3.5/tests/test_snwprintf_s.c:174:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:182:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_snwprintf_s.c:183:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:191:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_snwprintf_s.c:192:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:200:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"12345678901234567890");
data/safeclib-3.5/tests/test_snwprintf_s.c:208:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"123456789");
data/safeclib-3.5/tests/test_snwprintf_s.c:216:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"123");
data/safeclib-3.5/tests/test_snwprintf_s.c:217:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_snwprintf_s.c:225:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"1234");
data/safeclib-3.5/tests/test_snwprintf_s.c:226:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"56789");
data/safeclib-3.5/tests/test_sprintf_s.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_sprintf_s.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_sprintf_s.c:98:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_sprintf_s.c:99:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:112:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_sprintf_s.c:113:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:122:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_sprintf_s.c:123:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:142:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:152:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:162:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:180:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:188:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqq");
data/safeclib-3.5/tests/test_sprintf_s.c:189:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:197:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "1234");
data/safeclib-3.5/tests/test_sprintf_s.c:198:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:206:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "1234");
data/safeclib-3.5/tests/test_sprintf_s.c:207:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:215:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "12345678901234567890");
data/safeclib-3.5/tests/test_sprintf_s.c:224:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "123456789");
data/safeclib-3.5/tests/test_sprintf_s.c:232:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "123");
data/safeclib-3.5/tests/test_sprintf_s.c:233:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_sprintf_s.c:241:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "1234");
data/safeclib-3.5/tests/test_sprintf_s.c:242:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "56789");
data/safeclib-3.5/tests/test_sscanf_s.c:22:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_sscanf_s.c:23:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_sscanf_s.c:24:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str3[LEN];
data/safeclib-3.5/tests/test_sscanf_s.c:54:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, " 24");
data/safeclib-3.5/tests/test_sscanf_s.c:97:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_sscanf_s.c:115:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_sscanf_s.c:133:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_sscanf_s.c:141:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqq");
data/safeclib-3.5/tests/test_sscanf_s.c:142:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcasecmp_s.c:16:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strcasecmp_s.c:17:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strcasecmp_s.c:78:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "KEEP IT SIMPLE");
data/safeclib-3.5/tests/test_strcasecmp_s.c:79:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcasecmp_s.c:87:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "KEEP IT SIMPLE");
data/safeclib-3.5/tests/test_strcasecmp_s.c:88:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcasecmp_s.c:96:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "KEEP IT SIMPLE");
data/safeclib-3.5/tests/test_strcasecmp_s.c:97:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcasecmp_s.c:105:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "KEEP IT SIMPLE");
data/safeclib-3.5/tests/test_strcasecmp_s.c:106:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcasecmp_s.c:120:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcasecmp_s.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keeP it simple");
data/safeclib-3.5/tests/test_strcasecmp_s.c:129:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcasecmp_s.c:137:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "KEEP it simplified");
data/safeclib-3.5/tests/test_strcasecmp_s.c:138:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcasecmp_s.c:149:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "KEEP 1234567890");
data/safeclib-3.5/tests/test_strcasecmp_s.c:150:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcasestr_s.c:27:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strcasestr_s.c:28:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strcasestr_s.c:89:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "key");
data/safeclib-3.5/tests/test_strcasestr_s.c:103:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:119:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:120:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "kee");
data/safeclib-3.5/tests/test_strcasestr_s.c:129:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:130:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "eep it");
data/safeclib-3.5/tests/test_strcasestr_s.c:139:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:140:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "ethe");
data/safeclib-3.5/tests/test_strcasestr_s.c:149:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:150:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "er");
data/safeclib-3.5/tests/test_strcasestr_s.c:167:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:168:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "er");
data/safeclib-3.5/tests/test_strcasestr_s.c:185:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:186:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it all");
data/safeclib-3.5/tests/test_strcasestr_s.c:194:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:195:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it all");
data/safeclib-3.5/tests/test_strcasestr_s.c:203:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:204:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it all");
data/safeclib-3.5/tests/test_strcasestr_s.c:212:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:213:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it all");
data/safeclib-3.5/tests/test_strcasestr_s.c:221:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:222:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "1234");
data/safeclib-3.5/tests/test_strcasestr_s.c:231:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:232:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "IT ALL");
data/safeclib-3.5/tests/test_strcasestr_s.c:240:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strcasestr_s.c:241:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "EEP");
data/safeclib-3.5/tests/test_strcat_s.c:27:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strcat_s.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strcat_s.c:41:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "aaaa");
data/safeclib-3.5/tests/test_strcat_s.c:56:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaa");
data/safeclib-3.5/tests/test_strcat_s.c:65:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaa");
data/safeclib-3.5/tests/test_strcat_s.c:73:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strcat_s.c:106:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_strcat_s.c:107:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_strcat_s.c:122:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:133:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abcd");
data/safeclib-3.5/tests/test_strcat_s.c:142:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abcd");
data/safeclib-3.5/tests/test_strcat_s.c:153:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abcdefgh");
data/safeclib-3.5/tests/test_strcat_s.c:164:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abcdefgh");
data/safeclib-3.5/tests/test_strcat_s.c:175:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&str1[0], "aaaaaaaaaa");
data/safeclib-3.5/tests/test_strcat_s.c:176:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&str2[0], "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:194:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:206:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:218:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:239:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:249:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqq");
data/safeclib-3.5/tests/test_strcat_s.c:250:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:260:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "1234");
data/safeclib-3.5/tests/test_strcat_s.c:261:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:272:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "1234");
data/safeclib-3.5/tests/test_strcat_s.c:273:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:283:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "12345678901234567890");
data/safeclib-3.5/tests/test_strcat_s.c:294:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "123456789");
data/safeclib-3.5/tests/test_strcat_s.c:305:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "12345678901234567890");
data/safeclib-3.5/tests/test_strcat_s.c:314:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "12345678901234567890");
data/safeclib-3.5/tests/test_strcat_s.c:324:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "123");
data/safeclib-3.5/tests/test_strcat_s.c:325:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcat_s.c:335:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "1234");
data/safeclib-3.5/tests/test_strcat_s.c:336:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "56789");
data/safeclib-3.5/tests/test_strchr_s.c:14:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[LEN];
data/safeclib-3.5/tests/test_strchr_s.c:64:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "keep it all together");
data/safeclib-3.5/tests/test_strchr_s.c:90:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "keep it all together");
data/safeclib-3.5/tests/test_strchr_s.c:112:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "keep it all together");
data/safeclib-3.5/tests/test_strcmp_s.c:52:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strcmp_s.c:53:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strcmp_s.c:55:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str4[4];
data/safeclib-3.5/tests/test_strcmp_s.c:98:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "test");
data/safeclib-3.5/tests/test_strcmp_s.c:99:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str4, "test", 4);
data/safeclib-3.5/tests/test_strcmp_s.c:118:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcmp_s.c:119:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcmp_s.c:128:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep it simple");
data/safeclib-3.5/tests/test_strcmp_s.c:129:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcmp_s.c:140:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcmp_s.c:141:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keeP it simple");
data/safeclib-3.5/tests/test_strcmp_s.c:151:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcmp_s.c:165:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simplified");
data/safeclib-3.5/tests/test_strcmp_s.c:166:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcmp_s.c:176:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcmp_s.c:177:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simplified");
data/safeclib-3.5/tests/test_strcmpfld_s.c:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strcmpfld_s.c:22:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strcmpfld_s.c:59:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:60:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:76:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:77:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:93:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:94:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:110:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:111:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:128:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:131:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:148:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:153:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:170:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:174:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:190:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcmpfld_s.c:195:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcoll_s.c:52:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strcoll_s.c:53:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strcoll_s.c:118:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcoll_s.c:119:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcoll_s.c:128:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep it simple");
data/safeclib-3.5/tests/test_strcoll_s.c:129:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcoll_s.c:139:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcoll_s.c:140:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keeP it simple");
data/safeclib-3.5/tests/test_strcoll_s.c:149:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcoll_s.c:163:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simplified");
data/safeclib-3.5/tests/test_strcoll_s.c:164:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcoll_s.c:173:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcoll_s.c:174:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simplified");
data/safeclib-3.5/tests/test_strcpy_s.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strcpy_s.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strcpy_s.c:51:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpy_s.c:83:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpy_s.c:94:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpy_s.c:103:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpy_s.c:114:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&str1[0], "keep it simple");
data/safeclib-3.5/tests/test_strcpy_s.c:129:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&str1[0], "keep it simple");
data/safeclib-3.5/tests/test_strcpy_s.c:138:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_strcpy_s.c:139:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcpy_s.c:149:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&str1[0], "keep it simple");
data/safeclib-3.5/tests/test_strcpy_s.c:160:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(&str2[0], "keep it simple");
data/safeclib-3.5/tests/test_strcpy_s.c:170:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_strcpy_s.c:171:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcpy_s.c:181:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_strcpy_s.c:182:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcpy_s.c:190:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_strcpy_s.c:191:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcpy_s.c:199:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_strcpy_s.c:200:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it");
data/safeclib-3.5/tests/test_strcpy_s.c:209:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qq12345weqeqeqeq");
data/safeclib-3.5/tests/test_strcpy_s.c:210:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it");
data/safeclib-3.5/tests/test_strcpyfld_s.c:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strcpyfld_s.c:22:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strcpyfld_s.c:26:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:27:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbb");
data/safeclib-3.5/tests/test_strcpyfld_s.c:48:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:58:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:64:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:73:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:74:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbb");
data/safeclib-3.5/tests/test_strcpyfld_s.c:83:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:102:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:105:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
data/safeclib-3.5/tests/test_strcpyfld_s.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:124:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
data/safeclib-3.5/tests/test_strcpyfld_s.c:140:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:143:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
data/safeclib-3.5/tests/test_strcpyfld_s.c:151:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:160:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:169:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:172:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
data/safeclib-3.5/tests/test_strcpyfld_s.c:188:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:191:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
data/safeclib-3.5/tests/test_strcpyfld_s.c:207:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfld_s.c:211:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strcpyfldin_s.c:22:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strcpyfldin_s.c:32:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:48:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:49:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "01234567890123456789");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:59:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:60:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "01234567890123456789");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:81:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:82:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "01234567890123456789");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:93:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:94:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "01234567890123456789");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:109:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:110:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "01234567890123456789");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:125:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:126:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "01234567890123456789");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:141:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:151:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple for best results ");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:161:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple for best results ");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:171:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:174:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP IT SIMPLE PLEASE");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:188:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "always keep it simple");
data/safeclib-3.5/tests/test_strcpyfldin_s.c:191:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strcpyfldout_s.c:22:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strcpyfldout_s.c:32:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:57:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:66:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:67:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "01234567890123456789");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:87:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:88:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "01234567890123456789");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:105:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:106:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "01234567890123456789");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:122:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:123:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "01234567890123456789");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:139:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:149:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple for best results");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:159:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple for best results ");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:169:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:172:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "aaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:187:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "always keep it simple");
data/safeclib-3.5/tests/test_strcpyfldout_s.c:190:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strcspn_s.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strcspn_s.c:30:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strcspn_s.c:89:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcspn_s.c:90:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP");
data/safeclib-3.5/tests/test_strcspn_s.c:98:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcspn_s.c:99:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP");
data/safeclib-3.5/tests/test_strcspn_s.c:107:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcspn_s.c:108:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP");
data/safeclib-3.5/tests/test_strcspn_s.c:116:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcspn_s.c:117:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP");
data/safeclib-3.5/tests/test_strcspn_s.c:125:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcspn_s.c:126:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "ABCDEF");
data/safeclib-3.5/tests/test_strcspn_s.c:134:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcspn_s.c:135:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep");
data/safeclib-3.5/tests/test_strcspn_s.c:144:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcspn_s.c:145:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "notincluded");
data/safeclib-3.5/tests/test_strcspn_s.c:154:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strcspn_s.c:155:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "1234567890");
data/safeclib-3.5/tests/test_strerror_s.c:25:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strfirstchar_s.c:34:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strfirstchar_s.c:73:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep it simple");
data/safeclib-3.5/tests/test_strfirstchar_s.c:80:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "kEEp it simple");
data/safeclib-3.5/tests/test_strfirstchar_s.c:91:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simpleZ");
data/safeclib-3.5/tests/test_strfirstchar_s.c:103:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simpleZZ");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:19:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strfirstdiff_s.c:20:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strfirstdiff_s.c:83:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep it simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:84:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:95:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "kEeP it simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:96:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:107:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:108:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keEp IT simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:119:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:130:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:131:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:142:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simplE");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:143:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:154:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simplE");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:155:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:166:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simplE");
data/safeclib-3.5/tests/test_strfirstdiff_s.c:167:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:19:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strfirstsame_s.c:20:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strfirstsame_s.c:84:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "kEEP it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:85:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:96:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:97:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:108:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "KEEP it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:109:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:120:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP_IT_SIMPLe");
data/safeclib-3.5/tests/test_strfirstsame_s.c:132:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:133:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP_IT_SIMPLe");
data/safeclib-3.5/tests/test_strfirstsame_s.c:144:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:160:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "KEEP it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:161:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:176:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:177:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP_IT_SIMPLE");
data/safeclib-3.5/tests/test_strfirstsame_s.c:192:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strfirstsame_s.c:193:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP_IT_SIMPLE");
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:18:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:60:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "123456789");
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:80:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "NowISTHETimE4us");
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:87:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "qq21ego");
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:94:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "1234");
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:103:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "!@#$%^&*(){}[]:;\"'?/.>,<");
data/safeclib-3.5/tests/test_strisascii_s.c:18:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strisascii_s.c:56:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "ABCDEFGHIJK");
data/safeclib-3.5/tests/test_strisascii_s.c:76:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "NowISTHETimE");
data/safeclib-3.5/tests/test_strisascii_s.c:83:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "qq21ego");
data/safeclib-3.5/tests/test_strisascii_s.c:89:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "1234");
data/safeclib-3.5/tests/test_strisdigit_s.c:18:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strisdigit_s.c:46:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "123456789");
data/safeclib-3.5/tests/test_strisdigit_s.c:60:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "12");
data/safeclib-3.5/tests/test_strisdigit_s.c:67:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "1abcd");
data/safeclib-3.5/tests/test_strisdigit_s.c:74:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "abcd");
data/safeclib-3.5/tests/test_strishex_s.c:18:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strishex_s.c:51:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "123456789");
data/safeclib-3.5/tests/test_strishex_s.c:65:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "12");
data/safeclib-3.5/tests/test_strishex_s.c:72:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "1Af");
data/safeclib-3.5/tests/test_strishex_s.c:79:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "FF");
data/safeclib-3.5/tests/test_strishex_s.c:86:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "1abzd");
data/safeclib-3.5/tests/test_strislowercase_s.c:18:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strislowercase_s.c:46:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_strislowercase_s.c:53:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_strislowercase_s.c:60:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "qqWe go");
data/safeclib-3.5/tests/test_strislowercase_s.c:67:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "1234");
data/safeclib-3.5/tests/test_strismixed_s.c:16:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strismixed_s.c:44:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "AaBbCcDdEeFf");
data/safeclib-3.5/tests/test_strismixed_s.c:58:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "NowISTHETimE");
data/safeclib-3.5/tests/test_strismixed_s.c:65:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "qq21ego");
data/safeclib-3.5/tests/test_strismixed_s.c:72:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "1234");
data/safeclib-3.5/tests/test_strispassword_s.c:17:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strispassword_s.c:31:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "Test4You&");
data/safeclib-3.5/tests/test_strispassword_s.c:51:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "Test4You*123");
data/safeclib-3.5/tests/test_strispassword_s.c:58:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "Test4You*");
data/safeclib-3.5/tests/test_strispassword_s.c:65:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "Test4You*Test4You*Test4You*");
data/safeclib-3.5/tests/test_strispassword_s.c:72:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "Eest!22/");
data/safeclib-3.5/tests/test_strispassword_s.c:79:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "pa$$W0rD");
data/safeclib-3.5/tests/test_strispassword_s.c:85:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "<a]$b}0X_D");
data/safeclib-3.5/tests/test_strispassword_s.c:93:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "pa$$W0rD f");
data/safeclib-3.5/tests/test_strispassword_s.c:99:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "Test");
data/safeclib-3.5/tests/test_strisuppercase_s.c:17:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strisuppercase_s.c:60:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "ABCDEFGHIGHIJ");
data/safeclib-3.5/tests/test_strisuppercase_s.c:67:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "ABCDEFGHIGHIJ");
data/safeclib-3.5/tests/test_strisuppercase_s.c:74:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "qqWe go");
data/safeclib-3.5/tests/test_strisuppercase_s.c:81:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "1234");
data/safeclib-3.5/tests/test_strisuppercase_s.c:88:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "!@#$%^&*()");
data/safeclib-3.5/tests/test_strlastchar_s.c:32:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strlastchar_s.c:72:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep it simple");
data/safeclib-3.5/tests/test_strlastchar_s.c:80:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep it simplezz");
data/safeclib-3.5/tests/test_strlastchar_s.c:91:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep it simple");
data/safeclib-3.5/tests/test_strlastchar_s.c:102:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "kEEp it simple");
data/safeclib-3.5/tests/test_strlastchar_s.c:113:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "kEep it Simple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:20:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strlastdiff_s.c:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strlastdiff_s.c:85:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep iT simple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:86:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:97:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "kEep it simple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:98:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:109:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it siMple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:110:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keEp it Simple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:132:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:133:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:144:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strlastdiff_s.c:145:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simplE");
data/safeclib-3.5/tests/test_strlastsame_s.c:19:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strlastsame_s.c:20:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strlastsame_s.c:84:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep it simple");
data/safeclib-3.5/tests/test_strlastsame_s.c:85:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep_IT_SIMPLISTIC");
data/safeclib-3.5/tests/test_strlastsame_s.c:96:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "kEEP_IT_SIMPLE");
data/safeclib-3.5/tests/test_strlastsame_s.c:97:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simplistic");
data/safeclib-3.5/tests/test_strlastsame_s.c:108:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "kkEEP_IT_SIMPLE");
data/safeclib-3.5/tests/test_strlastsame_s.c:109:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "kkeep it simplistic");
data/safeclib-3.5/tests/test_strlastsame_s.c:120:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strlastsame_s.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keeP_IT_SIMPLe");
data/safeclib-3.5/tests/test_strlastsame_s.c:132:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strlastsame_s.c:148:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "KEEP it simple");
data/safeclib-3.5/tests/test_strlastsame_s.c:149:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strlastsame_s.c:164:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "KEEP it simple");
data/safeclib-3.5/tests/test_strlastsame_s.c:165:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "Keep it simple");
data/safeclib-3.5/tests/test_strlastsame_s.c:180:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strlastsame_s.c:181:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP_IT_SIMPLE");
data/safeclib-3.5/tests/test_strlastsame_s.c:196:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strlastsame_s.c:197:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "KEEP_IT_SIMPLE");
data/safeclib-3.5/tests/test_strljustify_s.c:19:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strljustify_s.c:71:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "ABCDEFGHIJK");
data/safeclib-3.5/tests/test_strljustify_s.c:84:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " ABCDEFGHIJK");
data/safeclib-3.5/tests/test_strljustify_s.c:110:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "ABC");
data/safeclib-3.5/tests/test_strljustify_s.c:123:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "ABC");
data/safeclib-3.5/tests/test_strljustify_s.c:137:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " B ");
data/safeclib-3.5/tests/test_strljustify_s.c:151:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " B ");
data/safeclib-3.5/tests/test_strljustify_s.c:164:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " C ");
data/safeclib-3.5/tests/test_strljustify_s.c:177:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " NowISTHETimE ");
data/safeclib-3.5/tests/test_strljustify_s.c:190:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " qq21ego ");
data/safeclib-3.5/tests/test_strljustify_s.c:198:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " 1234 ");
data/safeclib-3.5/tests/test_strnatcmp_s.c:18:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strnatcmp_s.c:19:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strnatcmp_s.c:21:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str4[4];
data/safeclib-3.5/tests/test_strnatcmp_s.c:63:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "test");
data/safeclib-3.5/tests/test_strnatcmp_s.c:64:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str4, "test", 4);
data/safeclib-3.5/tests/test_strnatcmp_s.c:81:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strnatcmp_s.c:82:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strnatcmp_s.c:90:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Keep it simple");
data/safeclib-3.5/tests/test_strnatcmp_s.c:91:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strnatcmp_s.c:99:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strnatcmp_s.c:100:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keeP it simple");
data/safeclib-3.5/tests/test_strnatcmp_s.c:108:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strnatcmp_s.c:116:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simplified");
data/safeclib-3.5/tests/test_strnatcmp_s.c:117:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strnatcmp_s.c:125:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strnatcmp_s.c:126:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simplified");
data/safeclib-3.5/tests/test_strncat_s.c:27:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strncat_s.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strncat_s.c:38:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_strncat_s.c:53:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bcde");
data/safeclib-3.5/tests/test_strncat_s.c:99:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "ab");
data/safeclib-3.5/tests/test_strncat_s.c:139:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strncat_s.c:172:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_strncat_s.c:173:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strncat_s.c:184:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_strncat_s.c:185:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strncat_s.c:208:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abcd");
data/safeclib-3.5/tests/test_strncat_s.c:218:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abcd");
data/safeclib-3.5/tests/test_strncat_s.c:230:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abcd");
data/safeclib-3.5/tests/test_strncat_s.c:242:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abcdefgh");
data/safeclib-3.5/tests/test_strncat_s.c:254:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abcdefgh");
data/safeclib-3.5/tests/test_strncat_s.c:282:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_strncat_s.c:283:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strncat_s.c:297:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "good");
data/safeclib-3.5/tests/test_strncat_s.c:298:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bye");
data/safeclib-3.5/tests/test_strncat_s.c:310:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "hello");
data/safeclib-3.5/tests/test_strncat_s.c:324:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "hello");
data/safeclib-3.5/tests/test_strncat_s.c:335:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strncpy_s.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strncpy_s.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strncpy_s.c:30:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[LEN];
data/safeclib-3.5/tests/test_strncpy_s.c:54:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strncpy_s.c:71:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strncpy_s.c:77:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strncpy_s.c:82:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strncpy_s.c:87:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaa");
data/safeclib-3.5/tests/test_strncpy_s.c:105:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aa");
data/safeclib-3.5/tests/test_strncpy_s.c:114:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaa");
data/safeclib-3.5/tests/test_strncpy_s.c:131:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aa");
data/safeclib-3.5/tests/test_strncpy_s.c:145:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strncpy_s.c:146:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
data/safeclib-3.5/tests/test_strncpy_s.c:156:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strncpy_s.c:170:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strncpy_s.c:188:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_strncpy_s.c:201:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strncpy_s.c:216:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strncpy_s.c:228:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_strncpy_s.c:229:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strncpy_s.c:241:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_strncpy_s.c:242:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strncpy_s.c:254:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_strncpy_s.c:255:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strncpy_s.c:267:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, " ");
data/safeclib-3.5/tests/test_strncpy_s.c:268:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "hello");
data/safeclib-3.5/tests/test_strncpy_s.c:280:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, " ");
data/safeclib-3.5/tests/test_strncpy_s.c:281:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "goodbye");
data/safeclib-3.5/tests/test_strncpy_s.c:292:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, " ");
data/safeclib-3.5/tests/test_strncpy_s.c:293:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "goodbye");
data/safeclib-3.5/tests/test_strncpy_s.c:302:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, " ");
data/safeclib-3.5/tests/test_strncpy_s.c:303:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "good");
data/safeclib-3.5/tests/test_strncpy_s.c:313:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qq12345weqeqeqeq");
data/safeclib-3.5/tests/test_strncpy_s.c:314:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it");
data/safeclib-3.5/tests/test_strnlen_s.c:16:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strnlen_s.c:75:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "to");
data/safeclib-3.5/tests/test_strnset_s.c:17:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strnset_s.c:47:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strnset_s.c:55:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strnset_s.c:69:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strnset_s.c:83:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strnset_s.c:97:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strnset_s.c:111:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strnset_s.c:125:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strnset_s.c:139:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Now is the time for all data to be zeroed");
data/safeclib-3.5/tests/test_strnterminate_s.c:18:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dest[LEN];
data/safeclib-3.5/tests/test_strnterminate_s.c:36:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "test");
data/safeclib-3.5/tests/test_strnterminate_s.c:46:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "test");
data/safeclib-3.5/tests/test_strnterminate_s.c:56:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "ff");
data/safeclib-3.5/tests/test_strnterminate_s.c:78:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "ff");
data/safeclib-3.5/tests/test_strnterminate_s.c:110:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "ff");
data/safeclib-3.5/tests/test_strnterminate_s.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "test");
data/safeclib-3.5/tests/test_strnterminate_s.c:132:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "testing");
data/safeclib-3.5/tests/test_strnterminate_s.c:143:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "testing");
data/safeclib-3.5/tests/test_strnterminate_s.c:154:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "testing");
data/safeclib-3.5/tests/test_strnterminate_s.c:165:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "testing");
data/safeclib-3.5/tests/test_strnterminate_s.c:176:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "012345678901234567890");
data/safeclib-3.5/tests/test_strpbrk_s.c:15:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strpbrk_s.c:16:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strpbrk_s.c:86:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strpbrk_s.c:87:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "1234");
data/safeclib-3.5/tests/test_strpbrk_s.c:99:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strpbrk_s.c:100:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "ke");
data/safeclib-3.5/tests/test_strpbrk_s.c:112:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simplez");
data/safeclib-3.5/tests/test_strpbrk_s.c:125:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strpbrk_s.c:126:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "123456");
data/safeclib-3.5/tests/test_strpbrk_s.c:137:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strpbrk_s.c:146:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strpbrk_s.c:159:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strpbrk_s.c:160:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "ke");
data/safeclib-3.5/tests/test_strpbrk_s.c:172:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strpbrk_s.c:173:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "hip");
data/safeclib-3.5/tests/test_strpbrk_s.c:185:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simply");
data/safeclib-3.5/tests/test_strpbrk_s.c:186:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "123y");
data/safeclib-3.5/tests/test_strprefix_s.c:20:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strprefix_s.c:21:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strprefix_s.c:52:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strprefix_s.c:53:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep");
data/safeclib-3.5/tests/test_strprefix_s.c:59:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strprefix_s.c:60:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "kerp");
data/safeclib-3.5/tests/test_strprefix_s.c:66:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "ke");
data/safeclib-3.5/tests/test_strprefix_s.c:67:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "kerp");
data/safeclib-3.5/tests/test_strprefix_s.c:73:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strprefix_s.c:74:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep");
data/safeclib-3.5/tests/test_strprefix_s.c:80:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strprefix_s.c:81:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keeeep");
data/safeclib-3.5/tests/test_strprefix_s.c:87:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strprefix_s.c:93:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strprefix_s.c:94:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it sipmle and very long");
data/safeclib-3.5/tests/test_strprefix_s.c:102:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strprefix_s.c:103:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_strrchr_s.c:15:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[LEN];
data/safeclib-3.5/tests/test_strrchr_s.c:62:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "keep it all together");
data/safeclib-3.5/tests/test_strrchr_s.c:88:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "keep it all together");
data/safeclib-3.5/tests/test_strrchr_s.c:110:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "keep it all together");
data/safeclib-3.5/tests/test_strremovews_s.c:19:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strremovews_s.c:41:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "ABCDEFGHIJK");
data/safeclib-3.5/tests/test_strremovews_s.c:52:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "ABCDEFGHIJK");
data/safeclib-3.5/tests/test_strremovews_s.c:64:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " ABCDEFGHIJK");
data/safeclib-3.5/tests/test_strremovews_s.c:81:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " ABCDEFGHIJK");
data/safeclib-3.5/tests/test_strremovews_s.c:106:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "ABC");
data/safeclib-3.5/tests/test_strremovews_s.c:118:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " B");
data/safeclib-3.5/tests/test_strremovews_s.c:130:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " C ");
data/safeclib-3.5/tests/test_strremovews_s.c:143:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " NowISTHETimE 1 2 ");
data/safeclib-3.5/tests/test_strremovews_s.c:156:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " q q21ego");
data/safeclib-3.5/tests/test_strremovews_s.c:169:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, " 1 2 3 4 ");
data/safeclib-3.5/tests/test_strset_s.c:17:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strset_s.c:50:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strset_s.c:64:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strset_s.c:78:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strset_s.c:91:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strset_s.c:105:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strset_s.c:119:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strset_s.c:133:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Now is the time for all data to be zeroed");
data/safeclib-3.5/tests/test_strspn_s.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strspn_s.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strspn_s.c:98:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strspn_s.c:99:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep");
data/safeclib-3.5/tests/test_strspn_s.c:107:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strspn_s.c:108:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep");
data/safeclib-3.5/tests/test_strspn_s.c:116:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strspn_s.c:117:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep");
data/safeclib-3.5/tests/test_strspn_s.c:125:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strspn_s.c:135:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strspn_s.c:136:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "ke");
data/safeclib-3.5/tests/test_strspn_s.c:145:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strspn_s.c:146:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep");
data/safeclib-3.5/tests/test_strspn_s.c:155:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strspn_s.c:156:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep");
data/safeclib-3.5/tests/test_strspn_s.c:165:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strspn_s.c:166:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "notincluded");
data/safeclib-3.5/tests/test_strspn_s.c:175:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_strspn_s.c:176:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "1234567890");
data/safeclib-3.5/tests/test_strstr_s.c:15:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_strstr_s.c:16:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_strstr_s.c:81:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:82:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep");
data/safeclib-3.5/tests/test_strstr_s.c:100:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:109:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:110:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "kee");
data/safeclib-3.5/tests/test_strstr_s.c:119:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:129:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:130:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "eep it");
data/safeclib-3.5/tests/test_strstr_s.c:139:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:140:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "ethe");
data/safeclib-3.5/tests/test_strstr_s.c:149:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:150:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "he");
data/safeclib-3.5/tests/test_strstr_s.c:161:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:162:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "er");
data/safeclib-3.5/tests/test_strstr_s.c:173:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:174:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it all");
data/safeclib-3.5/tests/test_strstr_s.c:182:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:183:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it all");
data/safeclib-3.5/tests/test_strstr_s.c:190:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:191:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it all");
data/safeclib-3.5/tests/test_strstr_s.c:197:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:198:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "1234");
data/safeclib-3.5/tests/test_strstr_s.c:208:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:209:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "it all");
data/safeclib-3.5/tests/test_strstr_s.c:215:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it all together");
data/safeclib-3.5/tests/test_strstr_s.c:216:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "eep");
data/safeclib-3.5/tests/test_strtok_s.c:34:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strtok_s.c:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str2[LEN];
data/safeclib-3.5/tests/test_strtok_s.c:41:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaa");
data/safeclib-3.5/tests/test_strtok_s.c:42:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "fedcba");
data/safeclib-3.5/tests/test_strtok_s.c:103:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaa");
data/safeclib-3.5/tests/test_strtok_s.c:106:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "fedcba");
data/safeclib-3.5/tests/test_strtok_s.c:118:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "jklmnopqrst");
data/safeclib-3.5/tests/test_strtok_s.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "fedcba");
data/safeclib-3.5/tests/test_strtok_s.c:135:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaamnopqrst");
data/safeclib-3.5/tests/test_strtok_s.c:138:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "fedcba");
data/safeclib-3.5/tests/test_strtok_s.c:151:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaamnopqrstfedcba");
data/safeclib-3.5/tests/test_strtok_s.c:154:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "fedcba");
data/safeclib-3.5/tests/test_strtok_s.c:186:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "?a???b,,,#c");
data/safeclib-3.5/tests/test_strtok_s.c:203:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "?a???b,,,#c");
data/safeclib-3.5/tests/test_strtok_s.c:221:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, ",,0,1,23,456,789,a,b,");
data/safeclib-3.5/tests/test_strtok_s.c:244:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, ",.*;one,two;three,;four*.*.five-six***");
data/safeclib-3.5/tests/test_strtok_s.c:248:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, ",.;*");
data/safeclib-3.5/tests/test_strtok_s.c:292:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, ",.*;one,two;three,;four*.*.five-six***");
data/safeclib-3.5/tests/test_strtok_s.c:296:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, ",.;*");
data/safeclib-3.5/tests/test_strtok_s.c:316:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, ",.*;one,two;three,;four*.*.five-six***");
data/safeclib-3.5/tests/test_strtok_s.c:320:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, ",.;*");
data/safeclib-3.5/tests/test_strtok_s.c:344:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, ",.*;one,two;three,;four*.*.five-six***");
data/safeclib-3.5/tests/test_strtok_s.c:348:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, ",.;*");
data/safeclib-3.5/tests/test_strtolowercase_s.c:17:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strtolowercase_s.c:61:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "NOWISTHETIM3");
data/safeclib-3.5/tests/test_strtolowercase_s.c:71:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "NOWISTHETIME");
data/safeclib-3.5/tests/test_strtolowercase_s.c:82:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "qqeRo");
data/safeclib-3.5/tests/test_strtolowercase_s.c:93:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "1234");
data/safeclib-3.5/tests/test_strtouppercase_s.c:17:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[LEN];
data/safeclib-3.5/tests/test_strtouppercase_s.c:86:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "nowisthetime");
data/safeclib-3.5/tests/test_strtouppercase_s.c:99:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "qqeRo");
data/safeclib-3.5/tests/test_strtouppercase_s.c:112:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "1234");
data/safeclib-3.5/tests/test_strzero_s.c:17:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str1[LEN];
data/safeclib-3.5/tests/test_strzero_s.c:44:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc");
data/safeclib-3.5/tests/test_strzero_s.c:57:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc\0xxxxxxxxxxxxxxxxxxx");
data/safeclib-3.5/tests/test_strzero_s.c:70:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc\0xxxxxxxxxxxxxxxxxxx");
data/safeclib-3.5/tests/test_strzero_s.c:83:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc\0xxxxxxxxxxxxxxxxxxx");
data/safeclib-3.5/tests/test_strzero_s.c:97:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "abc\0xxxxxxxxxxxxxxxxxxx");
data/safeclib-3.5/tests/test_strzero_s.c:110:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "Now is the time for all data to be zeroed");
data/safeclib-3.5/tests/test_swprintf_s.c:32:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_swprintf_s.c:33:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_swprintf_s.c:92:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_swprintf_s.c:93:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_swprintf_s.c:112:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_swprintf_s.c:121:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_swprintf_s.c:130:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_swprintf_s.c:148:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_swprintf_s.c:156:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqq");
data/safeclib-3.5/tests/test_swprintf_s.c:157:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_swprintf_s.c:165:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_swprintf_s.c:166:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_swprintf_s.c:174:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_swprintf_s.c:175:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_swprintf_s.c:183:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"12345678901234567890");
data/safeclib-3.5/tests/test_swprintf_s.c:209:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"123456789");
data/safeclib-3.5/tests/test_swprintf_s.c:217:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"123");
data/safeclib-3.5/tests/test_swprintf_s.c:218:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_swprintf_s.c:226:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"1234");
data/safeclib-3.5/tests/test_swprintf_s.c:227:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"56789");
data/safeclib-3.5/tests/test_swscanf_s.c:22:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr1[LEN];
data/safeclib-3.5/tests/test_swscanf_s.c:23:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr2[LEN];
data/safeclib-3.5/tests/test_swscanf_s.c:24:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str3[LEN];
data/safeclib-3.5/tests/test_swscanf_s.c:71:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L" 24");
data/safeclib-3.5/tests/test_swscanf_s.c:139:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_swscanf_s.c:157:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it simple");
data/safeclib-3.5/tests/test_swscanf_s.c:175:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"keep it simple");
data/safeclib-3.5/tests/test_swscanf_s.c:183:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"qqweqq");
data/safeclib-3.5/tests/test_swscanf_s.c:184:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"keep it simple");
data/safeclib-3.5/tests/test_tmpnam_s.c:22:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_tmpnam_s.c:81:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqeqeqeq");
data/safeclib-3.5/tests/test_tmpnam_s.c:96:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_tmpnam_s.c:108:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_towfc_s.c:32:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t result[MAX_LEN];
data/safeclib-3.5/tests/test_towfc_s.c:33:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[128];
data/safeclib-3.5/tests/test_towfc_s.c:34:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char code[8];
data/safeclib-3.5/tests/test_towfc_s.c:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status[2];
data/safeclib-3.5/tests/test_towfc_s.c:36:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mapping[24];
data/safeclib-3.5/tests/test_towfc_s.c:37:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[80];
data/safeclib-3.5/tests/test_towfc_s.c:66:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(CFOLD, "r");
data/safeclib-3.5/tests/test_towfc_s.c:78:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, s, l);
data/safeclib-3.5/tests/test_towfc_s.c:84:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mapping, &p[5], l);
data/safeclib-3.5/tests/test_towfc_s.c:138:32: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t cmp[MAX_LEN];
data/safeclib-3.5/tests/test_towlower.c:26:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[128];
data/safeclib-3.5/tests/test_towlower.c:27:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char code[8];
data/safeclib-3.5/tests/test_towlower.c:28:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status[2];
data/safeclib-3.5/tests/test_towlower.c:29:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mapping[24];
data/safeclib-3.5/tests/test_towlower.c:30:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[80];
data/safeclib-3.5/tests/test_towlower.c:37:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(CFOLD, "r");
data/safeclib-3.5/tests/test_towlower.c:49:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, s, l);
data/safeclib-3.5/tests/test_towlower.c:55:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mapping, &p[5], l); /* the other cases */
data/safeclib-3.5/tests/test_towupper.c:39:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[128];
data/safeclib-3.5/tests/test_towupper.c:40:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char code[16];
data/safeclib-3.5/tests/test_towupper.c:41:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status[3];
data/safeclib-3.5/tests/test_towupper.c:42:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mapping[24];
data/safeclib-3.5/tests/test_towupper.c:43:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[80];
data/safeclib-3.5/tests/test_towupper.c:61:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, s, l);
data/safeclib-3.5/tests/test_towupper.c:67:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mapping, &p[5], l); /* the other cases */
data/safeclib-3.5/tests/test_towupper.c:148:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pl = fopen(TESTPL, "w");
data/safeclib-3.5/tests/test_towupper.c:149:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(GENCAT, "r");
data/safeclib-3.5/tests/test_towupper.c:155:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
cf = fopen(CFOLD, "r");
data/safeclib-3.5/tests/test_towupper.c:185:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(code, s, l);
data/safeclib-3.5/tests/test_vfprintf_s.c:24:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_vfprintf_s.c:25:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_vfprintf_s.c:43:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(TMP, "w");
data/safeclib-3.5/tests/test_vfprintf_s.c:90:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "12");
data/safeclib-3.5/tests/test_vfprintf_s.c:91:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "34");
data/safeclib-3.5/tests/test_vfwprintf_s.c:24:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr[LEN];
data/safeclib-3.5/tests/test_vfwprintf_s.c:25:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[LEN];
data/safeclib-3.5/tests/test_vfwprintf_s.c:43:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(TMP, "w");
data/safeclib-3.5/tests/test_vfwprintf_s.c:84:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr, L"12");
data/safeclib-3.5/tests/test_vfwprintf_s.c:85:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "34");
data/safeclib-3.5/tests/test_vfwscanf_s.c:27:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr1[LEN];
data/safeclib-3.5/tests/test_vfwscanf_s.c:28:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr2[LEN];
data/safeclib-3.5/tests/test_vfwscanf_s.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str3[LEN];
data/safeclib-3.5/tests/test_vfwscanf_s.c:38:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(TMP, "w+");
data/safeclib-3.5/tests/test_vfwscanf_s.c:184:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"keep it simple");
data/safeclib-3.5/tests/test_vfwscanf_s.c:204:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"keep it simple");
data/safeclib-3.5/tests/test_vprintf_s.c:15:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_vprintf_s.c:16:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_vprintf_s.c:69:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "12");
data/safeclib-3.5/tests/test_vprintf_s.c:70:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "34");
data/safeclib-3.5/tests/test_vsnprintf_s.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_vsnprintf_s.c:29:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_vsnprintf_s.c:125:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_vsnprintf_s.c:126:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:138:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_vsnprintf_s.c:139:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:150:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_vsnprintf_s.c:151:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:170:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:184:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:198:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:216:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:224:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqq");
data/safeclib-3.5/tests/test_vsnprintf_s.c:225:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:233:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "1234");
data/safeclib-3.5/tests/test_vsnprintf_s.c:234:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:246:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "1234");
data/safeclib-3.5/tests/test_vsnprintf_s.c:247:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:255:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "12345678901234567890");
data/safeclib-3.5/tests/test_vsnprintf_s.c:267:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "123456789");
data/safeclib-3.5/tests/test_vsnprintf_s.c:275:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "123");
data/safeclib-3.5/tests/test_vsnprintf_s.c:276:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_vsnprintf_s.c:284:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "1234");
data/safeclib-3.5/tests/test_vsnprintf_s.c:285:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "56789");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:16:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_vsnwprintf_s.c:17:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_vsnwprintf_s.c:77:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:78:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:97:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:106:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:115:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:133:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:141:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqq");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:142:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:150:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:151:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:159:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:160:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:168:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"12345678901234567890");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:176:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"123456789");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:184:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"123");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:185:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:193:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"1234");
data/safeclib-3.5/tests/test_vsnwprintf_s.c:194:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"56789");
data/safeclib-3.5/tests/test_vsprintf_s.c:27:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str1[LEN];
data/safeclib-3.5/tests/test_vsprintf_s.c:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str2[LEN];
data/safeclib-3.5/tests/test_vsprintf_s.c:110:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_vsprintf_s.c:111:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:120:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_vsprintf_s.c:121:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:130:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "aaaaaaaaaa");
data/safeclib-3.5/tests/test_vsprintf_s.c:131:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:150:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:160:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:170:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:188:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:196:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "qqweqq");
data/safeclib-3.5/tests/test_vsprintf_s.c:197:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:205:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "1234");
data/safeclib-3.5/tests/test_vsprintf_s.c:206:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:214:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "1234");
data/safeclib-3.5/tests/test_vsprintf_s.c:215:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:223:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "12345678901234567890");
data/safeclib-3.5/tests/test_vsprintf_s.c:232:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "123456789");
data/safeclib-3.5/tests/test_vsprintf_s.c:240:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "123");
data/safeclib-3.5/tests/test_vsprintf_s.c:241:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "keep it simple");
data/safeclib-3.5/tests/test_vsprintf_s.c:249:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str2, "1234");
data/safeclib-3.5/tests/test_vsprintf_s.c:250:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str1, "56789");
data/safeclib-3.5/tests/test_vswprintf_s.c:33:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_vswprintf_s.c:34:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_vswprintf_s.c:110:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_vswprintf_s.c:111:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vswprintf_s.c:130:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vswprintf_s.c:139:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vswprintf_s.c:148:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vswprintf_s.c:166:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vswprintf_s.c:174:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqq");
data/safeclib-3.5/tests/test_vswprintf_s.c:175:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vswprintf_s.c:183:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_vswprintf_s.c:184:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vswprintf_s.c:190:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_vswprintf_s.c:198:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_vswprintf_s.c:199:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_vswprintf_s.c:207:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"12345678901234567890");
data/safeclib-3.5/tests/test_vswprintf_s.c:221:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"123456789");
data/safeclib-3.5/tests/test_vswprintf_s.c:229:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"123");
data/safeclib-3.5/tests/test_vswprintf_s.c:230:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_vswprintf_s.c:238:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"1234");
data/safeclib-3.5/tests/test_vswprintf_s.c:239:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"56789");
data/safeclib-3.5/tests/test_vswscanf_s.c:15:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr1[LEN];
data/safeclib-3.5/tests/test_vswscanf_s.c:16:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr2[LEN];
data/safeclib-3.5/tests/test_vswscanf_s.c:17:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str3[LEN];
data/safeclib-3.5/tests/test_vswscanf_s.c:56:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L" 24");
data/safeclib-3.5/tests/test_vswscanf_s.c:101:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_vswscanf_s.c:116:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it simple");
data/safeclib-3.5/tests/test_vswscanf_s.c:134:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"keep it simple");
data/safeclib-3.5/tests/test_vswscanf_s.c:142:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"qqweqq");
data/safeclib-3.5/tests/test_vswscanf_s.c:143:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"keep it simple");
data/safeclib-3.5/tests/test_vwprintf_s.c:22:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr[LEN];
data/safeclib-3.5/tests/test_vwprintf_s.c:23:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[LEN];
data/safeclib-3.5/tests/test_vwprintf_s.c:88:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr, L"12");
data/safeclib-3.5/tests/test_vwprintf_s.c:89:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "34");
data/safeclib-3.5/tests/test_vwscanf_s.c:17:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr1[LEN];
data/safeclib-3.5/tests/test_vwscanf_s.c:18:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr2[LEN];
data/safeclib-3.5/tests/test_vwscanf_s.c:19:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str3[LEN];
data/safeclib-3.5/tests/test_vwscanf_s.c:29:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
out = fopen(TMP, "w");
data/safeclib-3.5/tests/test_vwscanf_s.c:63:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L" 24");
data/safeclib-3.5/tests/test_vwscanf_s.c:111:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_vwscanf_s.c:126:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it simple");
data/safeclib-3.5/tests/test_vwscanf_s.c:148:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"keep it simple");
data/safeclib-3.5/tests/test_vwscanf_s.c:160:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"qqweqq");
data/safeclib-3.5/tests/test_vwscanf_s.c:161:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"keep it simple");
data/safeclib-3.5/tests/test_wcrtomb_s.c:22:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[LEN];
data/safeclib-3.5/tests/test_wcscat_s.c:21:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcscat_s.c:22:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_wcscat_s.c:45:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"untouched");
data/safeclib-3.5/tests/test_wcscat_s.c:57:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"untouched");
data/safeclib-3.5/tests/test_wcscat_s.c:68:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_wcscat_s.c:69:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:77:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_wcscat_s.c:78:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:86:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(&str1[0], L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_wcscat_s.c:87:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(&str2[0], L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:104:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:113:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:121:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_wcscat_s.c:122:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:130:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_wcscat_s.c:131:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:139:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abcd");
data/safeclib-3.5/tests/test_wcscat_s.c:146:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abcd");
data/safeclib-3.5/tests/test_wcscat_s.c:155:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abcdefgh");
data/safeclib-3.5/tests/test_wcscat_s.c:164:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abcdefgh");
data/safeclib-3.5/tests/test_wcscat_s.c:174:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:195:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:204:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqq");
data/safeclib-3.5/tests/test_wcscat_s.c:205:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:215:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_wcscat_s.c:216:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:225:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"1234");
data/safeclib-3.5/tests/test_wcscat_s.c:226:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:236:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"12345678901234567890");
data/safeclib-3.5/tests/test_wcscat_s.c:245:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"123456789");
data/safeclib-3.5/tests/test_wcscat_s.c:254:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"123");
data/safeclib-3.5/tests/test_wcscat_s.c:255:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscat_s.c:265:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"1234");
data/safeclib-3.5/tests/test_wcscat_s.c:266:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"56789");
data/safeclib-3.5/tests/test_wcscmp_s.c:50:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcscmp_s.c:51:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_wcscmp_s.c:124:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscmp_s.c:125:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscmp_s.c:134:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"Keep it simple");
data/safeclib-3.5/tests/test_wcscmp_s.c:135:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscmp_s.c:146:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscmp_s.c:147:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keeP it simple");
data/safeclib-3.5/tests/test_wcscmp_s.c:157:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscmp_s.c:171:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simplified");
data/safeclib-3.5/tests/test_wcscmp_s.c:172:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscmp_s.c:182:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscmp_s.c:183:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simplified");
data/safeclib-3.5/tests/test_wcscoll_s.c:50:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcscoll_s.c:51:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_wcscoll_s.c:124:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscoll_s.c:125:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscoll_s.c:134:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"Keep it simple");
data/safeclib-3.5/tests/test_wcscoll_s.c:135:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscoll_s.c:145:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscoll_s.c:146:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keeP it simple");
data/safeclib-3.5/tests/test_wcscoll_s.c:155:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscoll_s.c:169:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simplified");
data/safeclib-3.5/tests/test_wcscoll_s.c:170:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscoll_s.c:179:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscoll_s.c:180:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simplified");
data/safeclib-3.5/tests/test_wcscpy_s.c:22:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcscpy_s.c:23:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_wcscpy_s.c:43:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_wcscpy_s.c:52:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"untouched");
data/safeclib-3.5/tests/test_wcscpy_s.c:70:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"untouched");
data/safeclib-3.5/tests/test_wcscpy_s.c:80:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_wcscpy_s.c:89:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_wcscpy_s.c:98:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscpy_s.c:108:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscpy_s.c:116:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcscpy_s.c:126:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscpy_s.c:136:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqeqeqeq");
data/safeclib-3.5/tests/test_wcscpy_s.c:137:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscpy_s.c:146:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqeqeqeq");
data/safeclib-3.5/tests/test_wcscpy_s.c:147:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscpy_s.c:155:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqeqeqeq");
data/safeclib-3.5/tests/test_wcscpy_s.c:156:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcscpy_s.c:164:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqeqeqeq");
data/safeclib-3.5/tests/test_wcscpy_s.c:165:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"it");
data/safeclib-3.5/tests/test_wcscpy_s.c:174:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"it");
data/safeclib-3.5/tests/test_wcscpy_s.c:175:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"qqweqeqeqeq");
data/safeclib-3.5/tests/test_wcscpy_s.c:184:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qq12345weqeqeqeq");
data/safeclib-3.5/tests/test_wcscpy_s.c:185:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"it");
data/safeclib-3.5/tests/test_wcsfc_s.c:33:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t str[LEN];
data/safeclib-3.5/tests/test_wcsfc_s.c:34:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcsfc_s.c:44:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pl = fopen(TESTPL, "w");
data/safeclib-3.5/tests/test_wcsfc_s.c:49:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"untouched");
data/safeclib-3.5/tests/test_wcsfc_s.c:119:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"a"
data/safeclib-3.5/tests/test_wcsfc_s.c:130:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"a"
data/safeclib-3.5/tests/test_wcsfc_s.c:140:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x61"
data/safeclib-3.5/tests/test_wcsfc_s.c:147:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x61"
data/safeclib-3.5/tests/test_wcsfc_s.c:154:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x65"
data/safeclib-3.5/tests/test_wcsfc_s.c:161:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x73"
data/safeclib-3.5/tests/test_wcsfc_s.c:168:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\xa8"
data/safeclib-3.5/tests/test_wcsfc_s.c:175:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3b1"
data/safeclib-3.5/tests/test_wcsfc_s.c:183:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3b5"
data/safeclib-3.5/tests/test_wcsfc_s.c:190:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3b1"
data/safeclib-3.5/tests/test_wcsfc_s.c:198:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3b1"
data/safeclib-3.5/tests/test_wcsfc_s.c:207:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3c5"
data/safeclib-3.5/tests/test_wcsfc_s.c:214:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\xa8"
data/safeclib-3.5/tests/test_wcsfc_s.c:235:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"a"
data/safeclib-3.5/tests/test_wcsfc_s.c:248:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"u"
data/safeclib-3.5/tests/test_wcsfc_s.c:266:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3c2"
data/safeclib-3.5/tests/test_wcsfc_s.c:276:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3c3"
data/safeclib-3.5/tests/test_wcsfc_s.c:333:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"a"
data/safeclib-3.5/tests/test_wcsfc_s.c:350:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"i"
data/safeclib-3.5/tests/test_wcsfc_s.c:361:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x69"
data/safeclib-3.5/tests/test_wcsfc_s.c:369:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x69"
data/safeclib-3.5/tests/test_wcsfc_s.c:377:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x69"
data/safeclib-3.5/tests/test_wcsfc_s.c:388:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x69"
data/safeclib-3.5/tests/test_wcsfc_s.c:398:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x6a"
data/safeclib-3.5/tests/test_wcsfc_s.c:408:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x69"
data/safeclib-3.5/tests/test_wcsfc_s.c:418:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x12f"
data/safeclib-3.5/tests/test_wcsfc_s.c:428:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x12f"
data/safeclib-3.5/tests/test_wcsfc_s.c:460:16: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t src[5];
data/safeclib-3.5/tests/test_wcsicmp_s.c:50:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcsicmp_s.c:51:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_wcsicmp_s.c:124:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"Keep it simple");
data/safeclib-3.5/tests/test_wcsicmp_s.c:125:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsicmp_s.c:134:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"Simple A"
data/safeclib-3.5/tests/test_wcsicmp_s.c:136:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"simple a"
data/safeclib-3.5/tests/test_wcsicmp_s.c:147:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsicmp_s.c:148:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keex it simple");
data/safeclib-3.5/tests/test_wcsicmp_s.c:158:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsicmp_s.c:172:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simplified");
data/safeclib-3.5/tests/test_wcsicmp_s.c:173:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsicmp_s.c:183:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsicmp_s.c:184:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simplified");
data/safeclib-3.5/tests/test_wcslwr_s.c:17:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t str[LEN];
data/safeclib-3.5/tests/test_wcslwr_s.c:22:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"untouched");
data/safeclib-3.5/tests/test_wcslwr_s.c:29:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"untouched");
data/safeclib-3.5/tests/test_wcslwr_s.c:36:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"untouched");
data/safeclib-3.5/tests/test_wcslwr_s.c:46:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"untouched");
data/safeclib-3.5/tests/test_wcslwr_s.c:75:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"NOWISTHETIM3");
data/safeclib-3.5/tests/test_wcslwr_s.c:83:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"NOWISTHETIME");
data/safeclib-3.5/tests/test_wcslwr_s.c:92:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"qqeRo");
data/safeclib-3.5/tests/test_wcslwr_s.c:101:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"1234");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:14:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:15:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:72:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:73:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:81:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"Keep it simple");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:82:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:90:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:91:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keeP it simple");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:99:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:107:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simplified");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:108:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:116:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsnatcmp_s.c:117:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simplified");
data/safeclib-3.5/tests/test_wcsncat_s.c:23:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcsncat_s.c:24:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_wcsncat_s.c:36:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"aaaaa");
data/safeclib-3.5/tests/test_wcsncat_s.c:92:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"untouched");
data/safeclib-3.5/tests/test_wcsncat_s.c:117:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"ab");
data/safeclib-3.5/tests/test_wcsncat_s.c:132:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_wcsncat_s.c:133:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncat_s.c:144:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_wcsncat_s.c:145:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncat_s.c:168:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abcd");
data/safeclib-3.5/tests/test_wcsncat_s.c:178:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abcd");
data/safeclib-3.5/tests/test_wcsncat_s.c:190:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abcd");
data/safeclib-3.5/tests/test_wcsncat_s.c:202:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abcdefgh");
data/safeclib-3.5/tests/test_wcsncat_s.c:214:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abcdefgh");
data/safeclib-3.5/tests/test_wcsncat_s.c:236:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_wcsncat_s.c:237:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncat_s.c:248:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"good");
data/safeclib-3.5/tests/test_wcsncat_s.c:249:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"bye");
data/safeclib-3.5/tests/test_wcsncat_s.c:261:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"hello");
data/safeclib-3.5/tests/test_wcsncat_s.c:272:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"hello");
data/safeclib-3.5/tests/test_wcsncat_s.c:283:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abc");
data/safeclib-3.5/tests/test_wcsncmp_s.c:50:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcsncmp_s.c:51:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_wcsncmp_s.c:125:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncmp_s.c:126:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncmp_s.c:136:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"Keep it simple");
data/safeclib-3.5/tests/test_wcsncmp_s.c:137:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncmp_s.c:148:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncmp_s.c:149:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keeP it simple");
data/safeclib-3.5/tests/test_wcsncmp_s.c:159:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncmp_s.c:173:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simplified");
data/safeclib-3.5/tests/test_wcsncmp_s.c:174:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncmp_s.c:184:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncmp_s.c:185:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simplified");
data/safeclib-3.5/tests/test_wcsncmp_s.c:196:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncmp_s.c:197:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simplified");
data/safeclib-3.5/tests/test_wcsncpy_s.c:22:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcsncpy_s.c:23:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str2[LEN];
data/safeclib-3.5/tests/test_wcsncpy_s.c:24:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t dest[LEN];
data/safeclib-3.5/tests/test_wcsncpy_s.c:43:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_wcsncpy_s.c:52:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"untouched");
data/safeclib-3.5/tests/test_wcsncpy_s.c:78:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"untouched");
data/safeclib-3.5/tests/test_wcsncpy_s.c:85:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_wcsncpy_s.c:86:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
data/safeclib-3.5/tests/test_wcsncpy_s.c:108:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaa");
data/safeclib-3.5/tests/test_wcsncpy_s.c:120:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aa");
data/safeclib-3.5/tests/test_wcsncpy_s.c:121:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"bb");
data/safeclib-3.5/tests/test_wcsncpy_s.c:127:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aa");
data/safeclib-3.5/tests/test_wcsncpy_s.c:134:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_wcsncpy_s.c:146:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_wcsncpy_s.c:161:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa");
data/safeclib-3.5/tests/test_wcsncpy_s.c:173:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncpy_s.c:186:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncpy_s.c:197:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqeqeqeq");
data/safeclib-3.5/tests/test_wcsncpy_s.c:198:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncpy_s.c:209:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqeqeqeq");
data/safeclib-3.5/tests/test_wcsncpy_s.c:210:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncpy_s.c:218:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qqweqeqeqeq");
data/safeclib-3.5/tests/test_wcsncpy_s.c:219:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"keep it simple");
data/safeclib-3.5/tests/test_wcsncpy_s.c:229:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(dest, L" ");
data/safeclib-3.5/tests/test_wcsncpy_s.c:230:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"hello");
data/safeclib-3.5/tests/test_wcsncpy_s.c:241:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(dest, L" ");
data/safeclib-3.5/tests/test_wcsncpy_s.c:242:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"goodbye");
data/safeclib-3.5/tests/test_wcsncpy_s.c:252:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(dest, L" ");
data/safeclib-3.5/tests/test_wcsncpy_s.c:253:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"goodbye");
data/safeclib-3.5/tests/test_wcsncpy_s.c:263:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(dest, L" ");
data/safeclib-3.5/tests/test_wcsncpy_s.c:264:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"good");
data/safeclib-3.5/tests/test_wcsncpy_s.c:275:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"qq12345weqeqeqeq");
data/safeclib-3.5/tests/test_wcsncpy_s.c:276:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"it");
data/safeclib-3.5/tests/test_wcsnlen_s.c:14:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcsnlen_s.c:52:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"test");
data/safeclib-3.5/tests/test_wcsnlen_s.c:58:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"test");
data/safeclib-3.5/tests/test_wcsnlen_s.c:123:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"to");
data/safeclib-3.5/tests/test_wcsnlen_s.c:132:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"testing");
data/safeclib-3.5/tests/test_wcsnorm_s.c:38:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t str[LEN];
data/safeclib-3.5/tests/test_wcsnorm_s.c:39:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcsnorm_s.c:47:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
pl = fopen(TESTPL, "w");
data/safeclib-3.5/tests/test_wcsnorm_s.c:57:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:127:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\xd876"
data/safeclib-3.5/tests/test_wcsnorm_s.c:181:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:186:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"Abc"
data/safeclib-3.5/tests/test_wcsnorm_s.c:193:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:206:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:220:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:231:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:246:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:257:9: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x0\x0\x0"); /* 0xd874 0xddc0 */
data/safeclib-3.5/tests/test_wcsnorm_s.c:262:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\xd834\xddba\xd834\xdd65\xd834\xdd6f");
data/safeclib-3.5/tests/test_wcsnorm_s.c:274:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x1d1ba\x1d165\x1d16f");
data/safeclib-3.5/tests/test_wcsnorm_s.c:290:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:305:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:320:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:333:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"A"
data/safeclib-3.5/tests/test_wcsnorm_s.c:343:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x61"
data/safeclib-3.5/tests/test_wcsnorm_s.c:354:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x101");
data/safeclib-3.5/tests/test_wcsnorm_s.c:361:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x65"
data/safeclib-3.5/tests/test_wcsnorm_s.c:369:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\xdf");
data/safeclib-3.5/tests/test_wcsnorm_s.c:376:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x37e"); /* NFKC => 3b */
data/safeclib-3.5/tests/test_wcsnorm_s.c:384:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\xa8"
data/safeclib-3.5/tests/test_wcsnorm_s.c:391:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3b1"
data/safeclib-3.5/tests/test_wcsnorm_s.c:398:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3b5"
data/safeclib-3.5/tests/test_wcsnorm_s.c:405:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3b1"
data/safeclib-3.5/tests/test_wcsnorm_s.c:412:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3b1"
data/safeclib-3.5/tests/test_wcsnorm_s.c:420:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3a5"
data/safeclib-3.5/tests/test_wcsnorm_s.c:427:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\xa8"
data/safeclib-3.5/tests/test_wcsnorm_s.c:439:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"(\x110b\x1169\x110c\x1165\x11ab)");
data/safeclib-3.5/tests/test_wcsnorm_s.c:455:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x3b");
data/safeclib-3.5/tests/test_wcsnorm_s.c:464:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"(\xc624\xc804)");
data/safeclib-3.5/tests/test_wcsnorm_s.c:472:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x062c\x0644\x0020\x062c\x0644\x0627\x0644\x0647");
data/safeclib-3.5/tests/test_wcsnorm_s.c:480:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\xb0"
data/safeclib-3.5/tests/test_wcsnorm_s.c:489:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x31"
data/safeclib-3.5/tests/test_wcsnorm_s.c:499:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"\x03bc"
data/safeclib-3.5/tests/test_wcsnorm_s.c:539:16: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t src[5];
data/safeclib-3.5/tests/test_wcsnset_s.c:17:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcsnset_s.c:57:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abc");
data/safeclib-3.5/tests/test_wcsnset_s.c:71:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abc");
data/safeclib-3.5/tests/test_wcsnset_s.c:85:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abc");
data/safeclib-3.5/tests/test_wcsnset_s.c:99:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abc");
data/safeclib-3.5/tests/test_wcsnset_s.c:113:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"Now is the time for all data to be zeroed");
data/safeclib-3.5/tests/test_wcsrtombs_s.c:27:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[LEN];
data/safeclib-3.5/tests/test_wcsrtombs_s.c:28:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t src[LEN];
data/safeclib-3.5/tests/test_wcsset_s.c:18:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcsset_s.c:58:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abc");
data/safeclib-3.5/tests/test_wcsset_s.c:72:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abc");
data/safeclib-3.5/tests/test_wcsset_s.c:86:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abc");
data/safeclib-3.5/tests/test_wcsset_s.c:99:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abc");
data/safeclib-3.5/tests/test_wcsset_s.c:113:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"abc");
data/safeclib-3.5/tests/test_wcsset_s.c:127:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"Now is the time for all data to be zeroed");
data/safeclib-3.5/tests/test_wcsstr_s.c:15:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr1[LEN];
data/safeclib-3.5/tests/test_wcsstr_s.c:16:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr2[LEN];
data/safeclib-3.5/tests/test_wcsstr_s.c:58:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"untouched");
data/safeclib-3.5/tests/test_wcsstr_s.c:65:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"untouched");
data/safeclib-3.5/tests/test_wcsstr_s.c:108:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:119:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:120:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"kee");
data/safeclib-3.5/tests/test_wcsstr_s.c:131:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:132:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"eep it");
data/safeclib-3.5/tests/test_wcsstr_s.c:143:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:144:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"ethe");
data/safeclib-3.5/tests/test_wcsstr_s.c:155:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:156:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"he");
data/safeclib-3.5/tests/test_wcsstr_s.c:170:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:171:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"er");
data/safeclib-3.5/tests/test_wcsstr_s.c:185:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:186:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"it all");
data/safeclib-3.5/tests/test_wcsstr_s.c:192:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:193:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"it all");
data/safeclib-3.5/tests/test_wcsstr_s.c:199:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:200:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"it all");
data/safeclib-3.5/tests/test_wcsstr_s.c:206:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:207:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"1234");
data/safeclib-3.5/tests/test_wcsstr_s.c:219:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:220:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"it all");
data/safeclib-3.5/tests/test_wcsstr_s.c:226:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it all together");
data/safeclib-3.5/tests/test_wcsstr_s.c:227:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"eep");
data/safeclib-3.5/tests/test_wcstok_s.c:34:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t str1[LEN];
data/safeclib-3.5/tests/test_wcstok_s.c:35:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t str2[LEN];
data/safeclib-3.5/tests/test_wcstok_s.c:40:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaa");
data/safeclib-3.5/tests/test_wcstok_s.c:41:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"fedcba");
data/safeclib-3.5/tests/test_wcstok_s.c:96:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaaaaaaa");
data/safeclib-3.5/tests/test_wcstok_s.c:99:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"fedcba");
data/safeclib-3.5/tests/test_wcstok_s.c:111:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"jklmnopqrst");
data/safeclib-3.5/tests/test_wcstok_s.c:114:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"fedcba");
data/safeclib-3.5/tests/test_wcstok_s.c:128:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaamnopqrst");
data/safeclib-3.5/tests/test_wcstok_s.c:131:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"fedcba");
data/safeclib-3.5/tests/test_wcstok_s.c:144:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"aaamnopqrstfedcba");
data/safeclib-3.5/tests/test_wcstok_s.c:147:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L"fedcba");
data/safeclib-3.5/tests/test_wcstok_s.c:177:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"?a???b,,,#c");
data/safeclib-3.5/tests/test_wcstok_s.c:194:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L"?a???b,,,#c");
data/safeclib-3.5/tests/test_wcstok_s.c:212:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L",,0,1,23,456,789,a,b,");
data/safeclib-3.5/tests/test_wcstok_s.c:237:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L",.*;one,two;three,;four*.*.five-six***");
data/safeclib-3.5/tests/test_wcstok_s.c:241:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L",.;*");
data/safeclib-3.5/tests/test_wcstok_s.c:290:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L",.*;one,two;three,;four*.*.five-six***");
data/safeclib-3.5/tests/test_wcstok_s.c:294:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L",.;*");
data/safeclib-3.5/tests/test_wcstok_s.c:314:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L",.*;one,two;three,;four*.*.five-six***");
data/safeclib-3.5/tests/test_wcstok_s.c:318:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L",.;*");
data/safeclib-3.5/tests/test_wcstok_s.c:340:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str1, L",.*;one,two;three,;four*.*.five-six***");
data/safeclib-3.5/tests/test_wcstok_s.c:344:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str2, L",.;*");
data/safeclib-3.5/tests/test_wcstombs_s.c:22:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[LEN];
data/safeclib-3.5/tests/test_wcstombs_s.c:23:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t src[LEN];
data/safeclib-3.5/tests/test_wcstombs_s.c:79:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest, "abcdef");
data/safeclib-3.5/tests/test_wcsupr_s.c:17:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t str[LEN];
data/safeclib-3.5/tests/test_wcsupr_s.c:22:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"untouched");
data/safeclib-3.5/tests/test_wcsupr_s.c:29:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"untouched");
data/safeclib-3.5/tests/test_wcsupr_s.c:36:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"untouched");
data/safeclib-3.5/tests/test_wcsupr_s.c:46:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"untouched");
data/safeclib-3.5/tests/test_wcsupr_s.c:75:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"nowisthetim3");
data/safeclib-3.5/tests/test_wcsupr_s.c:83:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"nowisthetime");
data/safeclib-3.5/tests/test_wcsupr_s.c:92:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"qqeRo");
data/safeclib-3.5/tests/test_wcsupr_s.c:101:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(str, L"1234");
data/safeclib-3.5/tests/test_wctomb_s.c:22:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[LEN];
data/safeclib-3.5/tests/test_wmemcmp_s.c:24:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t mem1[LEN];
data/safeclib-3.5/tests/test_wmemcmp_s.c:25:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t mem2[LEN];
data/safeclib-3.5/tests/test_wmemcpy_s.c:26:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t mem1[LEN];
data/safeclib-3.5/tests/test_wmemcpy_s.c:27:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t mem2[LEN];
data/safeclib-3.5/tests/test_wmemmove_s.c:26:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t mem1[LEN];
data/safeclib-3.5/tests/test_wmemmove_s.c:27:5: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t mem2[LEN];
data/safeclib-3.5/tests/test_wprintf_s.c:22:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr[LEN];
data/safeclib-3.5/tests/test_wprintf_s.c:23:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str[LEN];
data/safeclib-3.5/tests/test_wprintf_s.c:83:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr, L"12");
data/safeclib-3.5/tests/test_wprintf_s.c:84:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(str, "34");
data/safeclib-3.5/tests/test_wscanf_s.c:24:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr1[LEN];
data/safeclib-3.5/tests/test_wscanf_s.c:25:8: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static wchar_t wstr2[LEN];
data/safeclib-3.5/tests/test_wscanf_s.c:26:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str3[LEN];
data/safeclib-3.5/tests/test_wscanf_s.c:34:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stream = fopen(TMP, "w+");
data/safeclib-3.5/tests/test_wscanf_s.c:122:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"aaaaaaaaaa");
data/safeclib-3.5/tests/test_wscanf_s.c:138:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"keep it simple");
data/safeclib-3.5/tests/test_wscanf_s.c:174:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"qqweqq");
data/safeclib-3.5/tests/test_wscanf_s.c:175:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr2, L"keep it simple");
data/safeclib-3.5/tests/test_wscanf_s.c:207:5: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(wstr1, L"qqweqq");
data/safeclib-3.5/src/extstr/strstr_s.c:117:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(src);
data/safeclib-3.5/src/extstr/strstr_s.c:118:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dlen = strlen(dest);
data/safeclib-3.5/src/extstr/strstr_s.c:119:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (len > dmax || len > strlen(dest))
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:135:35: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int c = wcslen(row[cp & 0xff]);
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:174:28: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = wcslen(e->v);
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:229:35: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int c = wcslen(row[cp & 0xff]);
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:266:28: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = wcslen(e->v);
data/safeclib-3.5/src/extwchar/wcsnorm_s.c:273:32: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = wcslen(e->v);
data/safeclib-3.5/src/io/gets_s.c:40:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define strnlen(s, smax) strlen(s)
data/safeclib-3.5/src/io/tmpnam_s.c:152:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(result);
data/safeclib-3.5/src/os/asctime_s.c:177:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/safeclib-3.5/src/os/asctime_s.c:192:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/safeclib-3.5/src/os/ctime_s.c:161:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/safeclib-3.5/src/os/ctime_s.c:177:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/safeclib-3.5/src/os/getenv_s.c:126:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(buf);
data/safeclib-3.5/src/str/strerror_s.c:117:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dest, tmpbuf, dmax - 4);
data/safeclib-3.5/src/str/strerror_s.c:158:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return buf ? strlen(buf) : 0;
data/safeclib-3.5/src/wchar/wcsncpy_s.c:114:29: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
handle_werror(dest, wcslen(dest), "wcsncpy_s: slen exceeds max",
data/safeclib-3.5/tests/test_asctime_s.c:114:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_asctime_s.c:133:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_fscanf_s.c:109:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_fscanf_s.c:110:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = strlen(str1);
data/safeclib-3.5/tests/test_fscanf_s.c:113:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_fwscanf_s.c:51:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(s); \
data/safeclib-3.5/tests/test_fwscanf_s.c:56:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(s); \
data/safeclib-3.5/tests/test_fwscanf_s.c:161:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(wstr2);
data/safeclib-3.5/tests/test_fwscanf_s.c:162:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(wstr1);
data/safeclib-3.5/tests/test_getenv_s.c:72:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ind = strlen(str2);
data/safeclib-3.5/tests/test_private.h:361:33: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; (size_t)i < wcslen(str); i++) { \
data/safeclib-3.5/tests/test_scanf_s.c:112:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_scanf_s.c:121:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_scanf_s.c:122:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = strlen(str1);
data/safeclib-3.5/tests/test_scanf_s.c:125:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_snprintf_s.c:173:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_snprintf_s.c:177:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = strlen(str1);
data/safeclib-3.5/tests/test_snprintf_s.c:180:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen(str1);
data/safeclib-3.5/tests/test_snwprintf_s.c:84:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(str2);
data/safeclib-3.5/tests/test_snwprintf_s.c:88:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(str1);
data/safeclib-3.5/tests/test_snwprintf_s.c:91:23: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len1 = wcslen(str1);
data/safeclib-3.5/tests/test_sprintf_s.c:125:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_sprintf_s.c:129:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = strlen(str1);
data/safeclib-3.5/tests/test_sprintf_s.c:132:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen(str1);
data/safeclib-3.5/tests/test_sscanf_s.c:98:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_sscanf_s.c:102:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_sscanf_s.c:103:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = strlen(str1);
data/safeclib-3.5/tests/test_sscanf_s.c:106:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strcasestr_s.c:152:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strcasestr_s.c:153:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_strcasestr_s.c:170:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strcasestr_s.c:171:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_strcasestr_s.c:224:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strcat_s.c:40:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "");
data/safeclib-3.5/tests/test_strcat_s.c:94:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "a");
data/safeclib-3.5/tests/test_strcat_s.c:178:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strcat_s.c:179:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_strcat_s.c:183:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = strlen(str1);
data/safeclib-3.5/tests/test_strcat_s.c:223:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strcat_s.c:244:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strcat_s.c:255:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strcat_s.c:278:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strcat_s.c:315:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strcat_s.c:330:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_strcat_s.c:343:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_strchr_s.c:65:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strchr_s.c:91:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strcmpfld_s.c:113:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcmpfld_s.c:134:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcmpfld_s.c:149:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcmpfld_s.c:171:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcmpfld_s.c:191:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpy_s.c:52:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpy_s.c:84:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpy_s.c:104:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpy_s.c:140:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpy_s.c:161:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str2);
data/safeclib-3.5/tests/test_strcpy_s.c:172:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str2);
data/safeclib-3.5/tests/test_strcpyfld_s.c:189:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpyfld_s.c:192:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str2);
data/safeclib-3.5/tests/test_strcpyfld_s.c:208:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1) + 2;
data/safeclib-3.5/tests/test_strcpyfld_s.c:212:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str1);
data/safeclib-3.5/tests/test_strcpyfldin_s.c:61:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpyfldin_s.c:84:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpyfldin_s.c:85:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str2);
data/safeclib-3.5/tests/test_strcpyfldin_s.c:152:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpyfldin_s.c:172:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpyfldin_s.c:189:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpyfldin_s.c:192:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str2);
data/safeclib-3.5/tests/test_strcpyfldout_s.c:150:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpyfldout_s.c:170:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpyfldout_s.c:173:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str2);
data/safeclib-3.5/tests/test_strcpyfldout_s.c:188:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strcpyfldout_s.c:191:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str2);
data/safeclib-3.5/tests/test_strerror_s.c:82:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ind = strlen(str1);
data/safeclib-3.5/tests/test_strerror_s.c:87:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(str1), str1);
data/safeclib-3.5/tests/test_strerror_s.c:99:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ind = strlen(str1);
data/safeclib-3.5/tests/test_strerror_s.c:104:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(str1), str1);
data/safeclib-3.5/tests/test_strerrorlen_s.c:37:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) != len) {
data/safeclib-3.5/tests/test_strerrorlen_s.c:40:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__FUNCTION__, __LINE__, i, (int)len, (int)strlen(buf), buf);
data/safeclib-3.5/tests/test_strfirstchar_s.c:92:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:67:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "N");
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:73:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "N");
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:74:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:81:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:88:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:96:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisalphanumeric_s.c:104:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisascii_s.c:62:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "N");
data/safeclib-3.5/tests/test_strisascii_s.c:63:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisascii_s.c:69:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "N");
data/safeclib-3.5/tests/test_strisascii_s.c:70:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisascii_s.c:77:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisascii_s.c:91:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisdigit_s.c:53:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "1");
data/safeclib-3.5/tests/test_strisdigit_s.c:54:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisdigit_s.c:61:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisdigit_s.c:68:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisdigit_s.c:75:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strishex_s.c:58:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "1");
data/safeclib-3.5/tests/test_strishex_s.c:59:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strishex_s.c:66:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strishex_s.c:73:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strishex_s.c:80:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strishex_s.c:87:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strislowercase_s.c:54:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strislowercase_s.c:61:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strislowercase_s.c:68:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strismixed_s.c:51:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "N");
data/safeclib-3.5/tests/test_strismixed_s.c:52:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strismixed_s.c:59:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strismixed_s.c:66:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strismixed_s.c:73:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strispassword_s.c:59:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strispassword_s.c:66:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strispassword_s.c:73:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strispassword_s.c:80:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strispassword_s.c:86:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strispassword_s.c:94:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strispassword_s.c:100:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisuppercase_s.c:68:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisuppercase_s.c:75:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisuppercase_s.c:82:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strisuppercase_s.c:89:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strljustify_s.c:61:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, " ");
data/safeclib-3.5/tests/test_strljustify_s.c:97:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "A");
data/safeclib-3.5/tests/test_strljustify_s.c:138:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strljustify_s.c:152:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strljustify_s.c:165:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strljustify_s.c:178:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strljustify_s.c:191:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strljustify_s.c:199:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strncat_s.c:52:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "a");
data/safeclib-3.5/tests/test_strncat_s.c:92:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "a");
data/safeclib-3.5/tests/test_strncat_s.c:116:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "a");
data/safeclib-3.5/tests/test_strncat_s.c:129:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "a");
data/safeclib-3.5/tests/test_strncat_s.c:161:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "a");
data/safeclib-3.5/tests/test_strncat_s.c:196:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "a");
data/safeclib-3.5/tests/test_strncat_s.c:197:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, "b");
data/safeclib-3.5/tests/test_strncat_s.c:269:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "a");
data/safeclib-3.5/tests/test_strncat_s.c:270:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, "b");
data/safeclib-3.5/tests/test_strncat_s.c:290:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strncat_s.c:303:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strncat_s.c:317:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strncat_s.c:342:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strncpy_s.c:55:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, "b");
data/safeclib-3.5/tests/test_strncpy_s.c:97:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "a");
data/safeclib-3.5/tests/test_strnlen_s.c:62:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std_len = strlen(str1);
data/safeclib-3.5/tests/test_strnlen_s.c:69:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str1, "t");
data/safeclib-3.5/tests/test_strnlen_s.c:70:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std_len = strlen(str1);
data/safeclib-3.5/tests/test_strnlen_s.c:76:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std_len = strlen(str1);
data/safeclib-3.5/tests/test_strnlen_s.c:82:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std_len = strlen("testing");
data/safeclib-3.5/tests/test_strnset_s.c:140:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_len = strlen("Now is the ");
data/safeclib-3.5/tests/test_strnterminate_s.c:23:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dest, "");
data/safeclib-3.5/tests/test_strnterminate_s.c:57:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std_len = strlen(dest);
data/safeclib-3.5/tests/test_strnterminate_s.c:88:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dest, "f");
data/safeclib-3.5/tests/test_strnterminate_s.c:99:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dest, "f");
data/safeclib-3.5/tests/test_strnterminate_s.c:169:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (len != strlen(dest)) {
data/safeclib-3.5/tests/test_strnterminate_s.c:182:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (len != strlen(dest)) {
data/safeclib-3.5/tests/test_strpbrk_s.c:113:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, "z");
data/safeclib-3.5/tests/test_strpbrk_s.c:138:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, "");
data/safeclib-3.5/tests/test_strpbrk_s.c:147:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, "k");
data/safeclib-3.5/tests/test_strprefix_s.c:96:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strprefix_s.c:105:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strrchr_s.c:63:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strrchr_s.c:89:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strremovews_s.c:93:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "A");
data/safeclib-3.5/tests/test_strremovews_s.c:119:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strremovews_s.c:131:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strremovews_s.c:144:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strremovews_s.c:157:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strremovews_s.c:170:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strset_s.c:134:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strset_s.c:135:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_len = strlen("Now is the ");
data/safeclib-3.5/tests/test_strspn_s.c:126:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, "k");
data/safeclib-3.5/tests/test_strstr_s.c:76:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, "a");
data/safeclib-3.5/tests/test_strstr_s.c:120:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, "");
data/safeclib-3.5/tests/test_strstr_s.c:152:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strstr_s.c:153:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_strstr_s.c:164:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strstr_s.c:165:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_strstr_s.c:200:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = strlen(str1);
data/safeclib-3.5/tests/test_strtok_s.c:104:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strtok_s.c:119:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1) - 2; /* cheat on len */
data/safeclib-3.5/tests/test_strtok_s.c:136:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strtok_s.c:152:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strtok_s.c:187:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strtok_s.c:189:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, "?");
data/safeclib-3.5/tests/test_strtok_s.c:204:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strtok_s.c:206:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, ","); /* change the tokenizer string */
data/safeclib-3.5/tests/test_strtok_s.c:222:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strtok_s.c:224:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str2, ","); /* change the tokenizer string */
data/safeclib-3.5/tests/test_strtok_s.c:246:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strtok_s.c:294:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_strtok_s.c:318:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1) - 1; /** back off the null **/
data/safeclib-3.5/tests/test_strtok_s.c:346:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1) - 15; /** back off a few! **/
data/safeclib-3.5/tests/test_strtolowercase_s.c:39:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "N");
data/safeclib-3.5/tests/test_strtolowercase_s.c:40:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strtolowercase_s.c:50:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "n");
data/safeclib-3.5/tests/test_strtolowercase_s.c:51:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strtolowercase_s.c:72:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strtolowercase_s.c:83:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strtolowercase_s.c:94:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strtouppercase_s.c:59:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "n");
data/safeclib-3.5/tests/test_strtouppercase_s.c:60:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strtouppercase_s.c:73:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(str, "N");
data/safeclib-3.5/tests/test_strtouppercase_s.c:74:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strtouppercase_s.c:87:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strtouppercase_s.c:100:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strtouppercase_s.c:113:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/safeclib-3.5/tests/test_strzero_s.c:111:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_len = strlen("Now is the ");
data/safeclib-3.5/tests/test_swprintf_s.c:95:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(str2);
data/safeclib-3.5/tests/test_swprintf_s.c:99:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(str1);
data/safeclib-3.5/tests/test_swprintf_s.c:102:23: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len1 = wcslen(str1);
data/safeclib-3.5/tests/test_swscanf_s.c:38:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(wstr1, L" ");
data/safeclib-3.5/tests/test_swscanf_s.c:140:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(wstr1);
data/safeclib-3.5/tests/test_swscanf_s.c:144:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(wstr2);
data/safeclib-3.5/tests/test_swscanf_s.c:145:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(wstr1);
data/safeclib-3.5/tests/test_swscanf_s.c:148:16: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(wstr1);
data/safeclib-3.5/tests/test_tmpnam_s.c:103:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str1);
data/safeclib-3.5/tests/test_towfc_s.c:87:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name))
data/safeclib-3.5/tests/test_towfc_s.c:88:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name) - 1] = 0;
data/safeclib-3.5/tests/test_towfc_s.c:105:23: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(result);
data/safeclib-3.5/tests/test_towlower.c:58:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name) - 1] = 0;
data/safeclib-3.5/tests/test_towupper.c:70:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name) - 1] = 0;
data/safeclib-3.5/tests/test_towupper.c:192:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, &p1[3], 79);
data/safeclib-3.5/tests/test_towupper.c:193:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name) - 1] = 0;
data/safeclib-3.5/tests/test_vfwscanf_s.c:163:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(wstr2);
data/safeclib-3.5/tests/test_vfwscanf_s.c:164:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(wstr1);
data/safeclib-3.5/tests/test_vfwscanf_s.c:167:16: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(wstr1);
data/safeclib-3.5/tests/test_vsnprintf_s.c:153:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_vsnprintf_s.c:157:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = strlen(str1);
data/safeclib-3.5/tests/test_vsnprintf_s.c:160:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen(str1);
data/safeclib-3.5/tests/test_vsnwprintf_s.c:80:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(str2);
data/safeclib-3.5/tests/test_vsnwprintf_s.c:84:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(str1);
data/safeclib-3.5/tests/test_vsnwprintf_s.c:87:23: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len1 = wcslen(str1);
data/safeclib-3.5/tests/test_vsprintf_s.c:133:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(str2);
data/safeclib-3.5/tests/test_vsprintf_s.c:137:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = strlen(str1);
data/safeclib-3.5/tests/test_vsprintf_s.c:140:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len1 = strlen(str1);
data/safeclib-3.5/tests/test_vswprintf_s.c:113:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(str2);
data/safeclib-3.5/tests/test_vswprintf_s.c:117:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(str1);
data/safeclib-3.5/tests/test_vswprintf_s.c:120:23: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len1 = wcslen(str1);
data/safeclib-3.5/tests/test_vswscanf_s.c:102:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(wstr1);
data/safeclib-3.5/tests/test_vswscanf_s.c:106:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(wstr2);
data/safeclib-3.5/tests/test_vswscanf_s.c:107:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(wstr1);
data/safeclib-3.5/tests/test_vwscanf_s.c:55:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(wstr1, L" ");
data/safeclib-3.5/tests/test_vwscanf_s.c:112:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(wstr1);
data/safeclib-3.5/tests/test_vwscanf_s.c:116:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(wstr2);
data/safeclib-3.5/tests/test_vwscanf_s.c:117:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(wstr1);
data/safeclib-3.5/tests/test_wcscat_s.c:89:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(str1);
data/safeclib-3.5/tests/test_wcscat_s.c:90:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(str2);
data/safeclib-3.5/tests/test_wcscat_s.c:94:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(str1);
data/safeclib-3.5/tests/test_wcscat_s.c:175:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(str2);
data/safeclib-3.5/tests/test_wcscat_s.c:210:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(str1);
data/safeclib-3.5/tests/test_wcscat_s.c:231:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(str1);
data/safeclib-3.5/tests/test_wcscat_s.c:260:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(str2);
data/safeclib-3.5/tests/test_wcscat_s.c:271:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(str2);
data/safeclib-3.5/tests/test_wcscpy_s.c:127:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str2);
data/safeclib-3.5/tests/test_wcsfc_s.c:108:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(L"nowisthetim3");
data/safeclib-3.5/tests/test_wcsfc_s.c:494:19: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wcslwr_s.c:57:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str, L"N");
data/safeclib-3.5/tests/test_wcslwr_s.c:58:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wcslwr_s.c:66:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str, L"n");
data/safeclib-3.5/tests/test_wcslwr_s.c:67:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wcslwr_s.c:84:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wcslwr_s.c:93:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wcslwr_s.c:102:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wcsncat_s.c:35:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"a");
data/safeclib-3.5/tests/test_wcsncat_s.c:47:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"a");
data/safeclib-3.5/tests/test_wcsncat_s.c:48:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str2, L"b");
data/safeclib-3.5/tests/test_wcsncat_s.c:70:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"a");
data/safeclib-3.5/tests/test_wcsncat_s.c:76:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"a");
data/safeclib-3.5/tests/test_wcsncat_s.c:81:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"a");
data/safeclib-3.5/tests/test_wcsncat_s.c:99:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"a");
data/safeclib-3.5/tests/test_wcsncat_s.c:109:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"a");
data/safeclib-3.5/tests/test_wcsncat_s.c:157:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"a");
data/safeclib-3.5/tests/test_wcsncat_s.c:158:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str2, L"b");
data/safeclib-3.5/tests/test_wcsncat_s.c:226:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"a");
data/safeclib-3.5/tests/test_wcsncat_s.c:227:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str2, L"b");
data/safeclib-3.5/tests/test_wcsncat_s.c:242:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsncat_s.c:254:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsncat_s.c:266:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsncat_s.c:288:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsncmp_s.c:127:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsncpy_s.c:53:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str2, L"b");
data/safeclib-3.5/tests/test_wcsncpy_s.c:115:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"a");
data/safeclib-3.5/tests/test_wcsncpy_s.c:147:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str2, L"b");
data/safeclib-3.5/tests/test_wcsncpy_s.c:162:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str2, L"b");
data/safeclib-3.5/tests/test_wcsncpy_s.c:174:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str2, L"b");
data/safeclib-3.5/tests/test_wcsnlen_s.c:102:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"");
data/safeclib-3.5/tests/test_wcsnlen_s.c:111:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str1, L"t");
data/safeclib-3.5/tests/test_wcsnlen_s.c:131:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std_len = strlen("testing");
data/safeclib-3.5/tests/test_wcsnorm_s.c:377:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsnorm_s.c:440:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsnorm_s.c:456:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsnorm_s.c:466:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsnorm_s.c:474:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsnorm_s.c:483:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsnorm_s.c:493:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsnorm_s.c:502:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcsnset_s.c:114:15: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_len = wcslen(L"Now is the ");
data/safeclib-3.5/tests/test_wcsset_s.c:128:15: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_len = wcslen(L"Now is the ");
data/safeclib-3.5/tests/test_wcsstr_s.c:74:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(wstr2, L"a");
data/safeclib-3.5/tests/test_wcsstr_s.c:158:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(wstr1);
data/safeclib-3.5/tests/test_wcsstr_s.c:159:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(wstr2);
data/safeclib-3.5/tests/test_wcsstr_s.c:173:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(wstr1);
data/safeclib-3.5/tests/test_wcsstr_s.c:174:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(wstr2);
data/safeclib-3.5/tests/test_wcsstr_s.c:209:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(wstr1);
data/safeclib-3.5/tests/test_wcstok_s.c:97:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcstok_s.c:112:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1) - 2; /* cheat on len */
data/safeclib-3.5/tests/test_wcstok_s.c:129:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcstok_s.c:145:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcstok_s.c:178:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcstok_s.c:180:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str2, L"?");
data/safeclib-3.5/tests/test_wcstok_s.c:195:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcstok_s.c:197:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str2, L","); /* change the tokenizer string */
data/safeclib-3.5/tests/test_wcstok_s.c:213:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcstok_s.c:215:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str2, L","); /* change the tokenizer string */
data/safeclib-3.5/tests/test_wcstok_s.c:239:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcstok_s.c:292:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1);
data/safeclib-3.5/tests/test_wcstok_s.c:316:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1) - 1; /** back off the null **/
data/safeclib-3.5/tests/test_wcstok_s.c:342:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str1) - 15; /** back off a few! **/
data/safeclib-3.5/tests/test_wcsupr_s.c:57:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str, L"n");
data/safeclib-3.5/tests/test_wcsupr_s.c:58:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wcsupr_s.c:66:5: [1] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant character.
wcscpy(str, L"N");
data/safeclib-3.5/tests/test_wcsupr_s.c:67:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wcsupr_s.c:84:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wcsupr_s.c:93:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wcsupr_s.c:102:11: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str);
data/safeclib-3.5/tests/test_wscanf_s.c:123:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len1 = wcslen(wstr1);
data/safeclib-3.5/tests/test_wscanf_s.c:128:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = wcslen(wstr2);
data/safeclib-3.5/tests/test_wscanf_s.c:129:12: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len3 = wcslen(wstr1);
ANALYSIS SUMMARY:
Hits = 1874
Lines analyzed = 72506 in approximately 3.01 seconds (24128 lines/second)
Physical Source Lines of Code (SLOC) = 48869
Hits@level = [0] 195 [1] 350 [2] 1416 [3] 4 [4] 104 [5] 0
Hits@level+ = [0+] 2069 [1+] 1874 [2+] 1524 [3+] 108 [4+] 104 [5+] 0
Hits/KSLOC@level+ = [0+] 42.3377 [1+] 38.3474 [2+] 31.1854 [3+] 2.20999 [4+] 2.12814 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.