Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/sdcv-0.5.2/src/dictziplib.cpp
Examining data/sdcv-0.5.2/src/dictziplib.hpp
Examining data/sdcv-0.5.2/src/distance.cpp
Examining data/sdcv-0.5.2/src/distance.hpp
Examining data/sdcv-0.5.2/src/libwrapper.cpp
Examining data/sdcv-0.5.2/src/libwrapper.hpp
Examining data/sdcv-0.5.2/src/mapfile.hpp
Examining data/sdcv-0.5.2/src/readline.cpp
Examining data/sdcv-0.5.2/src/readline.hpp
Examining data/sdcv-0.5.2/src/sdcv.cpp
Examining data/sdcv-0.5.2/src/stardict_lib.hpp
Examining data/sdcv-0.5.2/src/utils.cpp
Examining data/sdcv-0.5.2/src/utils.hpp
Examining data/sdcv-0.5.2/src/stardict_lib.cpp
FINAL RESULTS:
data/sdcv-0.5.2/src/libwrapper.cpp:299:32: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (pager && (output = popen(pager, "w")) == nullptr) {
data/sdcv-0.5.2/src/stardict_lib.cpp:1138:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sNewWord, sWord);
data/sdcv-0.5.2/src/stardict_lib.cpp:1157:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sNewWord, sWord);
data/sdcv-0.5.2/src/stardict_lib.cpp:1197:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sNewWord, sWord);
data/sdcv-0.5.2/src/stardict_lib.cpp:1252:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sNewWord, sWord);
data/sdcv-0.5.2/src/stardict_lib.cpp:1271:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sNewWord, sWord);
data/sdcv-0.5.2/src/stardict_lib.cpp:1310:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sNewWord, sWord);
data/sdcv-0.5.2/src/stardict_lib.cpp:1333:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sNewWord, sWord);
data/sdcv-0.5.2/src/stardict_lib.cpp:1356:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sNewWord, sWord);
data/sdcv-0.5.2/src/stardict_lib.cpp:1375:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sNewWord, sWord);
data/sdcv-0.5.2/src/readline.cpp:73:50: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
const std::string histname = std::string(g_get_home_dir()) + G_DIR_SEPARATOR + ".sdcv_history";
data/sdcv-0.5.2/src/readline.cpp:79:50: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
const std::string histname = std::string(g_get_home_dir()) + G_DIR_SEPARATOR + ".sdcv_history";
data/sdcv-0.5.2/src/sdcv.cpp:146:19: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
homedir = g_get_home_dir();
data/sdcv-0.5.2/src/sdcv.cpp:200:46: [3] (buffer) g_get_home_dir:
This function is synonymous with 'getenv("HOME")';it returns untrustable
input if the environment can beset by an attacker. It can have any content
and length, and the same variable can be set more than once (CWE-807,
CWE-20). Check environment variables carefully before using them.
const std::string conf_dir = std::string(g_get_home_dir()) + G_DIR_SEPARATOR + ".stardict";
data/sdcv-0.5.2/src/dictziplib.cpp:118:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFERSIZE];
data/sdcv-0.5.2/src/dictziplib.cpp:128:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(str = fopen(fname.c_str(), "rb"))) {
data/sdcv-0.5.2/src/dictziplib.cpp:269:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool DictData::open(const std::string &fname, int computeCRC)
data/sdcv-0.5.2/src/dictziplib.cpp:288:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = ::open(fname.c_str(), O_RDONLY)) < 0) {
data/sdcv-0.5.2/src/dictziplib.cpp:301:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!mapfile.open(fname.c_str(), size))
data/sdcv-0.5.2/src/dictziplib.cpp:344:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outBuffer[OUT_BUFFER_SIZE];
data/sdcv-0.5.2/src/dictziplib.cpp:367:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, this->start + start, size);
data/sdcv-0.5.2/src/dictziplib.cpp:430:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(outBuffer, this->start + this->offsets[i], this->chunks[i]);
data/sdcv-0.5.2/src/dictziplib.cpp:452:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pt, inBuffer + firstOffset, lastOffset - firstOffset);
data/sdcv-0.5.2/src/dictziplib.cpp:460:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pt, inBuffer + firstOffset,
data/sdcv-0.5.2/src/dictziplib.cpp:465:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pt, inBuffer, lastOffset);
data/sdcv-0.5.2/src/dictziplib.cpp:469:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pt, inBuffer, this->chunkLength);
data/sdcv-0.5.2/src/dictziplib.hpp:23:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open(const std::string &filename, int computeCRC);
data/sdcv-0.5.2/src/mapfile.hpp:24:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bool open(const char *file_name, unsigned long file_size);
data/sdcv-0.5.2/src/mapfile.hpp:38:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inline bool MapFile::open(const char *file_name, unsigned long file_size)
data/sdcv-0.5.2/src/mapfile.hpp:42:22: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((mmap_fd = ::open(file_name, O_RDONLY)) < 0) {
data/sdcv-0.5.2/src/sdcv.cpp:190:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *ordering_file = fopen(odering_cfg_file.c_str(), "r");
data/sdcv-0.5.2/src/stardict_lib.cpp:103:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
wordcount = atol(std::string(p2 + sizeof("\nwordcount=") - 1, p3 - (p2 + sizeof("\nwordcount=") - 1)).c_str());
data/sdcv-0.5.2/src/stardict_lib.cpp:112:27: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
index_file_size = atol(std::string(p2 + sizeof("\ntdxfilesize=") - 1, p3 - (p2 + sizeof("\ntdxfilesize=") - 1)).c_str());
data/sdcv-0.5.2/src/stardict_lib.cpp:121:27: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
index_file_size = atol(std::string(p2 + sizeof("\nidxfilesize=") - 1, p3 - (p2 + sizeof("\nidxfilesize=") - 1)).c_str());
data/sdcv-0.5.2/src/stardict_lib.cpp:180:25: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
syn_wordcount = atol(std::string(p2, p3 - p2).c_str());
data/sdcv-0.5.2/src/stardict_lib.cpp:250:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p1, p2, sec_size);
data/sdcv-0.5.2/src/stardict_lib.cpp:258:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p1, p2, sec_size);
data/sdcv-0.5.2/src/stardict_lib.cpp:269:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p1, p2, sec_size);
data/sdcv-0.5.2/src/stardict_lib.cpp:287:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p1, p2, sec_size);
data/sdcv-0.5.2/src/stardict_lib.cpp:295:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p1, p2, sec_size);
data/sdcv-0.5.2/src/stardict_lib.cpp:301:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p1, p2, sec_size);
data/sdcv-0.5.2/src/stardict_lib.cpp:303:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p1, p2, sec_size);
data/sdcv-0.5.2/src/stardict_lib.cpp:573:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!mf.open(item.c_str(), cachestat.st_size))
data/sdcv-0.5.2/src/stardict_lib.cpp:612:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen(item.c_str(), "wb");
data/sdcv-0.5.2/src/stardict_lib.cpp:638:23: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!map_file.open(url.c_str(), fsize))
data/sdcv-0.5.2/src/stardict_lib.cpp:658:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(idxfile = fopen(url.c_str(), "rb"))) {
data/sdcv-0.5.2/src/stardict_lib.cpp:836:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!syn.open(url.c_str(), stat_buf.st_size))
data/sdcv-0.5.2/src/stardict_lib.cpp:883:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!dictdzfile->open(fullfilename, 0)) {
data/sdcv-0.5.2/src/stardict_lib.cpp:889:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
dictfile = fopen(fullfilename.c_str(), "rb");
data/sdcv-0.5.2/src/stardict_lib.hpp:20:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&result, addr, sizeof(guint32));
data/sdcv-0.5.2/src/stardict_lib.hpp:26:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr, &val, sizeof(guint32));
data/sdcv-0.5.2/src/dictziplib.cpp:137:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
id1 = getc(str);
data/sdcv-0.5.2/src/dictziplib.cpp:138:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
id2 = getc(str);
data/sdcv-0.5.2/src/dictziplib.cpp:160:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->method = getc(str);
data/sdcv-0.5.2/src/dictziplib.cpp:161:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->flags = getc(str);
data/sdcv-0.5.2/src/dictziplib.cpp:162:19: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->mtime = getc(str) << 0;
data/sdcv-0.5.2/src/dictziplib.cpp:163:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->mtime |= getc(str) << 8;
data/sdcv-0.5.2/src/dictziplib.cpp:164:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->mtime |= getc(str) << 16;
data/sdcv-0.5.2/src/dictziplib.cpp:165:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->mtime |= getc(str) << 24;
data/sdcv-0.5.2/src/dictziplib.cpp:166:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->extraFlags = getc(str);
data/sdcv-0.5.2/src/dictziplib.cpp:167:16: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->os = getc(str);
data/sdcv-0.5.2/src/dictziplib.cpp:170:23: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
extraLength = getc(str) << 0;
data/sdcv-0.5.2/src/dictziplib.cpp:171:24: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
extraLength |= getc(str) << 8;
data/sdcv-0.5.2/src/dictziplib.cpp:173:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
si1 = getc(str);
data/sdcv-0.5.2/src/dictziplib.cpp:174:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
si2 = getc(str);
data/sdcv-0.5.2/src/dictziplib.cpp:177:25: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
subLength = getc(str) << 0;
data/sdcv-0.5.2/src/dictziplib.cpp:178:26: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
subLength |= getc(str) << 8;
data/sdcv-0.5.2/src/dictziplib.cpp:179:29: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->version = getc(str) << 0;
data/sdcv-0.5.2/src/dictziplib.cpp:180:30: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->version |= getc(str) << 8;
data/sdcv-0.5.2/src/dictziplib.cpp:188:33: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->chunkLength = getc(str) << 0;
data/sdcv-0.5.2/src/dictziplib.cpp:189:34: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->chunkLength |= getc(str) << 8;
data/sdcv-0.5.2/src/dictziplib.cpp:190:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->chunkCount = getc(str) << 0;
data/sdcv-0.5.2/src/dictziplib.cpp:191:33: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->chunkCount |= getc(str) << 8;
data/sdcv-0.5.2/src/dictziplib.cpp:200:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->chunks[i] = getc(str) << 0;
data/sdcv-0.5.2/src/dictziplib.cpp:201:36: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->chunks[i] |= getc(str) << 8;
data/sdcv-0.5.2/src/dictziplib.cpp:211:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(str)) && c != EOF)
data/sdcv-0.5.2/src/dictziplib.cpp:223:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = getc(str)) && c != EOF)
data/sdcv-0.5.2/src/dictziplib.cpp:233:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(str);
data/sdcv-0.5.2/src/dictziplib.cpp:234:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
getc(str);
data/sdcv-0.5.2/src/dictziplib.cpp:245:17: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->crc = getc(str) << 0;
data/sdcv-0.5.2/src/dictziplib.cpp:246:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->crc |= getc(str) << 8;
data/sdcv-0.5.2/src/dictziplib.cpp:247:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->crc |= getc(str) << 16;
data/sdcv-0.5.2/src/dictziplib.cpp:248:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->crc |= getc(str) << 24;
data/sdcv-0.5.2/src/dictziplib.cpp:249:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->length = getc(str) << 0;
data/sdcv-0.5.2/src/dictziplib.cpp:250:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->length |= getc(str) << 8;
data/sdcv-0.5.2/src/dictziplib.cpp:251:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->length |= getc(str) << 16;
data/sdcv-0.5.2/src/dictziplib.cpp:252:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
this->length |= getc(str) << 24;
data/sdcv-0.5.2/src/dictziplib.cpp:338:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void DictData::read(char *buffer, unsigned long start, unsigned long size)
data/sdcv-0.5.2/src/dictziplib.hpp:25:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(char *buffer, unsigned long start, unsigned long size);
data/sdcv-0.5.2/src/libwrapper.cpp:149:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec_size = strlen(p);
data/sdcv-0.5.2/src/libwrapper.cpp:160:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec_size = strlen(p);
data/sdcv-0.5.2/src/libwrapper.cpp:170:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec_size = strlen(p);
data/sdcv-0.5.2/src/libwrapper.cpp:183:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec_size = strlen(p);
data/sdcv-0.5.2/src/libwrapper.cpp:416:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
choice_readline->read(_("Your choice[-1 to abort]: "), str_choise);
data/sdcv-0.5.2/src/readline.cpp:42:18: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((ch = fgetc(in)) != EOF && ch != '\n')
data/sdcv-0.5.2/src/readline.cpp:54:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(const std::string &banner, std::string &line) override
data/sdcv-0.5.2/src/readline.cpp:88:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bool read(const std::string &banner, std::string &line) override
data/sdcv-0.5.2/src/readline.hpp:9:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
virtual bool read(const std::string &banner, std::string &line) = 0;
data/sdcv-0.5.2/src/sdcv.cpp:217:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (io->read(_("Enter word or phrase: "), phrase)) {
data/sdcv-0.5.2/src/stardict_lib.cpp:95:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gchar *p1 = get_impl(buffer) + strlen(magic_data) - 1;
data/sdcv-0.5.2/src/stardict_lib.cpp:203:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dictdzfile->read(get_impl(origin_data), idxitem_offset, idxitem_size);
data/sdcv-0.5.2/src/stardict_lib.cpp:249:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec_size = strlen(p2) + 1;
data/sdcv-0.5.2/src/stardict_lib.cpp:267:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec_size = strlen(p2) + 1;
data/sdcv-0.5.2/src/stardict_lib.cpp:316:25: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dictdzfile->read(data + sizeof(guint32), idxitem_offset, idxitem_size);
data/sdcv-0.5.2/src/stardict_lib.cpp:341:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dictdzfile->read(origin_data, idxitem_offset, idxitem_size);
data/sdcv-0.5.2/src/stardict_lib.cpp:364:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec_size = strlen(p) + 1;
data/sdcv-0.5.2/src/stardict_lib.cpp:372:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec_size = strlen(p) + 1;
data/sdcv-0.5.2/src/stardict_lib.cpp:414:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec_size = strlen(p) + 1;
data/sdcv-0.5.2/src/stardict_lib.cpp:422:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec_size = strlen(p) + 1;
data/sdcv-0.5.2/src/stardict_lib.cpp:527:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(p);
data/sdcv-0.5.2/src/stardict_lib.cpp:575:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(mf.begin(), CACHE_MAGIC, strlen(CACHE_MAGIC)) != 0)
data/sdcv-0.5.2/src/stardict_lib.cpp:578:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(&tmp, mf.begin() + strlen(CACHE_MAGIC), sizeof(tmp));
data/sdcv-0.5.2/src/stardict_lib.cpp:581:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(&wordoffset[0], mf.begin() + strlen(CACHE_MAGIC) + sizeof(guint32), wordoffset.size() * sizeof(wordoffset[0]));
data/sdcv-0.5.2/src/stardict_lib.cpp:616:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fwrite(CACHE_MAGIC, 1, strlen(CACHE_MAGIC), out) != strlen(CACHE_MAGIC))
data/sdcv-0.5.2/src/stardict_lib.cpp:616:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fwrite(CACHE_MAGIC, 1, strlen(CACHE_MAGIC), out) != strlen(CACHE_MAGIC))
data/sdcv-0.5.2/src/stardict_lib.cpp:646:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
index_size = strlen(p1) + 1 + 2 * sizeof(guint32);
data/sdcv-0.5.2/src/stardict_lib.cpp:782:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p1 += strlen(p1) + 1 + 2 * sizeof(guint32);
data/sdcv-0.5.2/src/stardict_lib.cpp:791:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
gchar *p1 = wordlist[idx] + strlen(wordlist[idx]) + sizeof(gchar);
data/sdcv-0.5.2/src/stardict_lib.cpp:1129:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int iWordLen = strlen(sWord);
data/sdcv-0.5.2/src/stardict_lib.cpp:1231:25: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sNewWord, "E"); // add a char "E"
data/sdcv-0.5.2/src/stardict_lib.cpp:1233:25: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sNewWord, "e"); // add a char "e"
data/sdcv-0.5.2/src/stardict_lib.cpp:1313:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sNewWord, "Y"); // add a char "Y"
data/sdcv-0.5.2/src/stardict_lib.cpp:1315:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sNewWord, "y"); // add a char "y"
data/sdcv-0.5.2/src/stardict_lib.cpp:1336:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sNewWord, "Y"); // add a char "Y"
data/sdcv-0.5.2/src/stardict_lib.cpp:1338:21: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(sNewWord, "y"); // add a char "y"
ANALYSIS SUMMARY:
Hits = 125
Lines analyzed = 3762 in approximately 0.16 seconds (23850 lines/second)
Physical Source Lines of Code (SLOC) = 3089
Hits@level = [0] 30 [1] 74 [2] 37 [3] 4 [4] 10 [5] 0
Hits@level+ = [0+] 155 [1+] 125 [2+] 51 [3+] 14 [4+] 10 [5+] 0
Hits/KSLOC@level+ = [0+] 50.1781 [1+] 40.4662 [2+] 16.5102 [3+] 4.53221 [4+] 3.23729 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.